Russ Allbery <[EMAIL PROTECTED]> writes:
> Stanford currently very much loses on this, in a wide variety of ways. We
> really only have one authorization system that copes correctly with role
> status changes (provided that it's used properly), and it only knows how
> to talk to the financial system and isn't (currently) usable as a general
> authorization solution. There is some active work in the Internet2 arena
> on this, but not to the point where I think people are deploying it.
The problem with the Internet2's work in this area
(i.e., Signet and Grouper) is that
they seem like they've never met a problem
that they didn't think the answer to it was:
while (problem) {
Throw the most complicated XML and Java possible at it.
}
(And they forgot to catch deathByBloatAndComplexityException)
John
________________________________________________
Kerberos mailing list [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos
