Hi,
Just a few comments about the ps
Section 1. Introduction
- "two entities are able to verify that each other is who they think
they are" --> the term "think" is quite ambiguous here, probably better
"two entities are able to verify that each other is who they claim they
are"
Section 2. Terminology
- Authentication Policy Community (APC): "A set of entities that
share a common trust infrastructure" Is it just a "federation"? Why is the
term policy used here? Is it just for authentication, not for
authorization?
- Community of Interest (CoI): Does it refer to IdPs and SPs (and
principals/clients?)
- Entity: A general term for IdPs and RPs.
In documents like
http://docs.oasis-open.org/security/saml/v2.0/saml-glossary-2.0-os.pdf,
the general term for IdPs and RPs is "Provider"; in fact, "Entity" is a
more general concept.
- Trust Arbitrator: What is a "trust rating"?
- Trust Advisor:
- CoR is not defined
- Agree with David, "Root of Trust" is a well known term for
that, or even "Trust Anchor"
-
Section 3.
3.2 - Authors remark the term "Communities of Trust", which is not
included in Section 2.
3.2 - "and users of it typically need to pay for the service". Does
it refer to the fact of paying for trust? I usually connect to my bank
account, trust is established based on a Trust Anchor (probably
something like Verisign), but I have never paid for this trust? Or have
I misunderstood the sentence? Could you add some examples?
3.2 - "Trust Arbitrators are less commonly seen, and are usually
found where a Trust Arbitrator stands to make financial gain" Is this
sentence right?
3.3 - Does this section describe something similar to the term
"confederation" or "alliance"?
Section 5.1 - Have you taken into account cross-certification? Bridge
CA? etc.
- "Works well but only when governance and management is
done properly" --> Well I think it is true for any kind of
infrastructure/technology/scenario I can imagine ...
- "Which it isn't, generally" --> Agree with David. This is
a very strong sentence.
Section 6 -
It is still difficult for me to see the real problem to be solved. I
expected a description of how technologies like, for example, PKI
do not fulfil the requirements of section 4. I'm not saying it does,
I'm just saying it would improve the problem statement...
Sorry if I'm talking nonsense, just trying to understand the
terminology ....
Regards, Gabi.
On 12/03/13 18:35, Rhys Smith wrote:
> Hi all,
>
> FYI, a new version of a problem statement driving the reasoning for needing
> trust router has been posted. There's still a lot of work needing doing on
> it. Compared to previous versions, this is trying to articulate the problem
> in a more general sense than has previously been done, to see if that helps
> in explaining the problem.
>
> Rhys.
>
> Begin forwarded message:
>
>> From: [email protected]
>> Subject: I-D Action: draft-howlett-abfab-trust-router-ps-03.txt
>> Date: 11 March 2013 18:25:28 EDT
>> To: [email protected]
>> Reply-To: [email protected]
>>
>>
>> A New Internet-Draft is available from the on-line Internet-Drafts
>> directories.
>>
>>
>> Title : Trust Requirements in a Federated World
>> Author(s) : Josh Howlett
>> Rhys Smith
>> Margaret Wasserman
>> Filename : draft-howlett-abfab-trust-router-ps-03.txt
>> Pages : 14
>> Date : 2013-03-11
>>
>> Abstract:
>> TODO: This document outlines the requirements for trust in a
>> federated environment, and enumerates the requirements for a trust
>> infrastructure. It also examines existing trust infrastructures
>> given these requirements and concludes that none fulfil all of the
>> requirements, and suggests that maybe a new one is required that
>> does.
>>
>>
>> The IETF datatracker status page for this draft is:
>> https://datatracker.ietf.org/doc/draft-howlett-abfab-trust-router-ps
>>
>> There's also a htmlized version available at:
>> http://tools.ietf.org/html/draft-howlett-abfab-trust-router-ps-03
>>
>> A diff from the previous version is available at:
>> http://www.ietf.org/rfcdiff?url2=draft-howlett-abfab-trust-router-ps-03
>>
>>
>> Internet-Drafts are also available by anonymous FTP at:
>> ftp://ftp.ietf.org/internet-drafts/
>>
>> _______________________________________________
>> I-D-Announce mailing list
>> [email protected]
>> https://www.ietf.org/mailman/listinfo/i-d-announce
>> Internet-Draft directories: http://www.ietf.org/shadow.html
>> or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
> _______________________________________________
> abfab mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/abfab