Joel, On Tue, Jul 14, 2015 at 02:22:01PM -0400, Joel M. Halpern wrote: > The architecture does not have a proxy. It only has Clients, who > may be acting on behalf of applications. Those applications are not > consider, by the I2RS system, to be I2RS Clients. > > Secondary identity is not a full proxy mode. secondary identities > are not authenticated. They do not have priorities. They are > included in the architecture to ease attribution.
It is understood that secondary-identity is only a traceability detail. > So no, if A and B are applications, working through a common I2RS > client, then their operations are handled by the client. The > requirements only call for the client priority to be assigned to > those operations. Given the above, I think it is fair to say that proxies are completely out of scope. While this simplifies things, I'm not sure it's the best thing long-term. > As a nice-to-have, allowing clients to specify different priorities > for different operations is acceptable. But it is not necessary. As a nice-to-have, I don't believe the architecture clearly explains such an ability to alter priority. Please work with Alia to update the architecture document to clarify this if you believe this property is important. -- Jeff _______________________________________________ i2rs mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2rs
