On Thu, Jun 10, 2010 at 11:59 PM, Janne Karhunen <[email protected]>wrote:
> On Thu, Jun 10, 2010 at 9:39 PM, Shaz <[email protected]> wrote: > > >> Do you have in mind a particular use case and risks you wish to protect > >> against? I can take that example to explain how it can be done by our > >> framework. > > > > Please re-read the use-case again ... you have overly simplified it. > > Openness between manufacturer and operator is something else while > openness > > with third party service providers is something else and then the policy > > management between multiple authoritative domains. The third service > > provider might not come through the operator's authoritative domain? Here > > the rights cannot be managed at operator's cloud alone! > > As I said, we're not generic security kitchen sink and have > somewhat limited problem to solve. For now, each installation > source has known set of credentials they can grant. > > So you just use the term open while you are restricting the business model! The user can be fooled but not the community. How do you expect trusted computing to be used if this is the attitude of designers at Nokia and whatever? Apologies for my school of thought. > > > Where does rbac play its role? Credentials ...? > > We're not exactly rbac. I take the public arch docs have been > corrected in this sense already? > No. -- Shaz
_______________________________________________ MeeGo-dev mailing list [email protected] http://lists.meego.com/listinfo/meego-dev
