[AFS3-std] rxgk CombineTokens and enctypes (was Re: Re: afs3-rxgk-updates for 03)
Simon Wilkinson
simon@sxw.org.uk
Wed, 7 Nov 2012 12:50:43 +0000
On 7 Nov 2012, at 01:39, Benjamin Kaduk wrote:
>> [After the lifetime, byte-life, etc fields are specified]
>> + The identity in the new "combined" token is an application-specific
>> + combination of the identities of the input tokens; note that this
>> + combination may not be commutative.
>=20
> In particular the combined identity need not represent either the =
union nor intersection of the privileges associated with the two =
identities. (Right? I had asked rougly this question earlier but I =
don't think I got a reply.)
Right. The nature of the combined entity is entirely up to the =
application. It can chose to use as much (or as little) information from =
the provided tokens as it wishes. I wonder if we can be even less =
specific, and just have:
+ The identity in the new "combined" token is an application-specific
+ combination of the identities of the input tokens.
Application specific covers that it may, or may not be, commutative.
Cheers,
Simon