<no-hat> Sue,
Thanks for writing this draft. I think it is useful to clearly articulate the outside-of-I2RS behavior and protocols that are needed for the mutual authentication. I do have a couple comments on the draft.

In Sec 3.1, it says "Each Identity will be linked to one secondary identity for the period of a connection." I would have assumed that the client could arbitrarily change its secondary identity. This is to support the broker case where a client may be passing along requests from multiple applications. Since the secondary identity is just passed along and stored for traceability, I don't think that allowing it to change would cause significant complications. What do others think?

In the I2RS architecture, there are 3 different types of transaction behavior desired for processing a message. In Sec 4, there's an assumption that "fail-on-error" with the associated roll-back is the only mode. Thus, I think that Section 4 needs a bit of massaging.

Thanks,
Alia
