Tuesday, October 13, 2009

Re: [Geopriv] [geopriv] #27: Subjective network views and policy

#27: Subjective network views and policy
---------------------------------------+------------------------------------
Reporter: martin.thomson@… | Owner: martin.thomson@…
Type: defect | Status: new
Priority: minor | Milestone:
Component: held-identity-extensions | Version:
Severity: Candidate WG Document | Keywords: policy identity
---------------------------------------+------------------------------------

Comment(by martin.thomson@…):

Proposed additions:

''A new paragraph after the cited section seems appropriate:''
Authorization policy can be affected by a subjective network view if it
is applied based on an identifier, or its application depends on
identifiers. The subjective views presented to the LIS and Rule Maker need
to agree for the two entities to understand policy on the same terms. For
instance, it is possible that the authorization policy applied by the LIS
is entirely incorrect if authorization policy is selected using a
subjective identifier. Alternatively, policy might be incorrectly applied
if identifiers differ.

''Minor addition in later paragraph to back-ref this addition:''
A LIS can be configured to recognize scenarios where the subjective view
of a requester '''or Rule Maker''' might not coincide with the view of the
LIS. The LIS can either provide location information that takes the view
of the requester into account, or it can reject the request.

''I looked at the security considerations, but it doesn't seem appropriate
to add anything more there. This section is already referenced.''

--
Ticket URL: <http://trac.tools.ietf.org/wg/geopriv/trac/ticket/27#comment:1>
geopriv <http://tools.ietf.org/geopriv/>

_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www.ietf.org/mailman/listinfo/geopriv