rxgk CombineTokens and enctypes (was Re: [AFS3-std] Re:
afs3-rxgk-updates for 03)
Jeffrey Hutzelman
jhutz@cmu.edu
Sat, 03 Nov 2012 14:49:16 -0400
On Sat, 2012-11-03 at 14:34 -0400, Benjamin Kaduk wrote:
> Simon trimmed the bit where Jeff wrote:
> > > Yes, I would say that "union" is not the right word. I think you end up
> If we agree that "union" is not the right word (it sounds like Simon
> agrees?), then we cannot talk of a "list" of identities, either.
Ok, I don't think that's true. As you noted, "union" implies an
unordered set, and that won't do for some of the application needs. But
an ordered list would work just fine. The question is, do we
(a) say that a token has an ordered list of identities, specify rules
for combining identity lists when tokens are combined, and leave it up
to applications to derive authorization from the identity list when a
token is used, or
(b) treat the token as having a single, possibly complex, identity, and
leave it up to the application to determine how to combine them when
tokens are combined.
I think either option is workable, provided we are clear that it matters
what order the tokens are presented in, because in (a) the application's
authorization function may not treat all identities in a token the same,
and in (b) the combine-identities operation may not be commutative.
> But, going back and actually searching through the document, "list of
> identities" only appears in this line where the "list of identities is the
> union of", so the changes needed actually are localized. Something like
> "[user] identity information associated with the tokens are combined in an
> application-specific manner" should suffice, I think.
Yes, that sounds like it should work.
-- Jeff