Re: Additional operations

[Stephen Farrell <stephen.farrell@xxxxxxxxxxxx>]

Hi Tom,

That'd extend the scope of what we're doing to include administrative
functionality in the protocol. To date, I don't think we've envisaged
that being the case (since there are a few different, probably all 
fairly complex administrative schemes you could envisage). So my take
would be that admin operations would be for later, if at all, since
they don't affect interop that much (I'd assume each credential server
implementation would have its own admin tools, and they don't really
need to interop in the first instance).

Or maybe you didn't mean LOCK/UNLOCK as administrative?

Stephen.

Tom Jordan wrote:
> 
> Folks,
> 
> In addition to the specified operations (GET-PUT-DELETE), I'd invite
> discussion on the need for operations to be applied by an administrative
> user. I'd propose two new operations - LOCK and UNLOCK that would
> respectively limit or allow a user to retrieve credentials without the
> need to destroy the credentials themselves.
> 
> Granted that this implies maintaining some state information regarding the
> opaque credentials themselves, but perhaps there's some value to it.
> 
>         --Tom

-- 
____________________________________________________________
Stephen Farrell         				   
Baltimore Technologies,   tel: (direct line) +353 1 881 6716
39 Parkgate Street,                     fax: +353 1 881 7000
Dublin 8.                mailto:stephen.farrell@xxxxxxxxxxxx
Ireland                             http://www.baltimore.com