Hi Rhys
having read your draft could I suggest
1. some changes in terminology
Trust Arbitrator - > Reputation Service or Reputation Service Operator
depending upon context
Trust Advisor - > Root of Trust
These two entities are quite different, but by using very similar
notation for both, as you do, it tends to conflate them into being
almost the same. I would prefer it if different terms could be used,
that a) better describe their functionality, and b) better differentiate
between them. It would also remove the tautology from this sentence
A Trust Arbitrators/Advisors can attempt to become the arbiter of
trust for multiple communities.
2. that you have downplayed the complexity in establishing technical
trust between entities. Joining an Authentication Policy Community might
actually be quite time consuming and tedious, if you have to prove that
you conform to a certain set of policies (e.g. LOA 3).
3. wrt section 5.1, the scientific EGI community might strongly disagree
with your conclusions here. I think they think that PKI works just fine,
is infinitely scalable and very secure. But you should check with them.
regards
David
On 12/03/2013 17:35, Rhys Smith wrote:
Hi all,
FYI, a new version of a problem statement driving the reasoning for needing
trust router has been posted. There's still a lot of work needing doing on it.
Compared to previous versions, this is trying to articulate the problem in a
more general sense than has previously been done, to see if that helps in
explaining the problem.
Rhys.
Begin forwarded message:
From: [email protected]
Subject: I-D Action: draft-howlett-abfab-trust-router-ps-03.txt
Date: 11 March 2013 18:25:28 EDT
To: [email protected]
Reply-To: [email protected]
A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : Trust Requirements in a Federated World
Author(s) : Josh Howlett
Rhys Smith
Margaret Wasserman
Filename : draft-howlett-abfab-trust-router-ps-03.txt
Pages : 14
Date : 2013-03-11
Abstract:
TODO: This document outlines the requirements for trust in a
federated environment, and enumerates the requirements for a trust
infrastructure. It also examines existing trust infrastructures
given these requirements and concludes that none fulfil all of the
requirements, and suggests that maybe a new one is required that
does.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-howlett-abfab-trust-router-ps
There's also a htmlized version available at:
http://tools.ietf.org/html/draft-howlett-abfab-trust-router-ps-03
A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-howlett-abfab-trust-router-ps-03
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
I-D-Announce mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
_______________________________________________
abfab mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/abfab
_______________________________________________
abfab mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/abfab
