On Wed, Mar 30, 2011 at 12:44 PM, Sandy Walsh <[email protected]> wrote: > This flow is saying "The AuthZ resource lives on your side of the fence and > I'd like to access it", but to do so Alice needs to grant permission and that > interaction seems confusing to me.
Ja wohl, I don't disagree that it could well be confusing. The classic / bog standard approaches to security very much often suck pardon my lingo with respect to usability. And if we're stuck with whatever system the users want to have themselves rather than being able to impose something actually usable, there's probably not much room to improve? (But I'm a pessimist. :-) I can think of a hack attempt to bandage over the usability horribleness, but it is all just adding complexity and papering over the underlying lameness. I.e. when the Parent realizes that it has to offload to a Child, it could at least inform the user that it is doing that, and that the incoming security request is (probably?) about that. sincerely. _______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : [email protected] Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
