On Fri, Apr 8, 2022 at 10:14 AM Sean Mullan <sean.mul...@oracle.com> wrote: > > Ok, thanks for some clarification on the proposal. > > How many applications currently depend on the SM for this type of usage? > What other alternate models have you considered?
There are some number of customers and users within our user base who rely on SM for certain security certifications or requirements. The alternative would be to attempt to reframe these certifications or requirements on a case by case basis to exclude SM, which might or might not be less work than preserving it. > In general, I think authorization is best done at a higher layer within > the application and not via low-level SM callouts. Authorize the subject > first and if not acceptable, prevent the operation or API from being > called in the first place. Once the operation is in motion, you have > already taken a greater risk that something might go wrong. The low level authorization checks would be in addition to the high level checks that we already perform. But I understand your position. > > I hope this clarifies things. Like I said, "no" is an acceptable > > answer for us but I would be remiss if I didn't ensure that the "no" > > was based on an accurate understanding of what we are proposing, so > > hopefully this helps. > > It does help, but not enough to change my previous stance. OK, thanks for the feedback. -- - DML • he/him
