|
|
|
Greg Newby: 05/06/2007 4:46 AM EDT
|
| |
Action: |
Update
resolution changed from PUBLISHED to none (no value)
|
|
|
Greg Newby: 07/13/2005 1:14 AM EST
|
| |
Comment: |
Mass Update
|
| |
Action: |
Update
artifact_status changed from Open to Closed
close_date changed from - to 2005-07-12 22:14:48
resolution changed from <None> to PUBLISHED
|
|
|
Stacey Giannese(disabled): 11/23/2004 12:48 PM EST
|
| |
Comment: |
Mass Move
|
| |
Action: |
Update
artifact_group changed from SEC to <None>
artifact_status changed from Closed to Open
assigned_to changed from 111 to 100
Category changed from Informational to <None>
group_artifact_id changed from Submit GGF Draft to Published
resolution changed from Published to <None>
|
|
|
|
|
|
|
Greg Newby: 11/22/2004 7:42 PM EST
|
| |
Comment: |
Some final edits that Stacey can apply, or I will. Stacey, I had grabbed #37 earlier today, so this can be #38, or we can change the other.
Yes, the first page can be entirely removed, and the date should be November 23 2004 on all pages (or a similar date).
I think the copyright notice is right, but should be 2004, not 2003.
Otherwise, I agree this is looking good, and pending these few changes is approved for publication. Thanks very much for your efforts!
|
| |
Action: |
Update
|
|
|
Greg Newby: 11/22/2004 7:42 PM EST
|
| |
Action: |
Update
artifact_status changed from Final Editor Review to Closed
assigned_to changed from 302 to 111
close_date changed from - to 2004-11-22 15:42:38
Priority changed from 1 to -
resolution changed from <None> to Published
|
|
|
Markus Lorch: 11/12/2004 7:56 AM EST
|
| |
Comment: |
Greg,
I looked at the edits made and noted the following:
- shouldn't the first page be removed for the final version
- the date on all but the first document page was changed
to "November 2004" the revised date on the first page
reads 2004-10-15
- I am not sure if the copyright notice is the latest version,
it lists 2003 as the year.
|
| |
Action: |
Update
|
|
|
Stacey Giannese(disabled): 11/08/2004 12:51 PM EST
|
| |
Comment: |
Greg-
I've made modifications and uploaded a new version for your review before pubications and to make into a pdf.
|
| |
Action: |
Update
|
|
|
|
|
Greg Newby: 10/28/2004 10:31 AM EST
|
| |
Action: |
Update
Priority changed from 2 to 1
|
|
|
|
|
Stacey Giannese(disabled): 10/25/2004 11:40 AM EST
|
| |
Action: |
Update
artifact_status changed from Author Reviewing Edits to Final Editor Review
resolution changed from Returned to Authors/Group to <None>
|
|
|
Markus Lorch: 10/15/2004 11:39 AM EST
|
| |
Action: |
Update
artifact_status changed from Pending Info from Authors to Author Reviewing Edits
|
|
|
Markus Lorch: 10/15/2004 11:38 AM EST
|
| |
Action: |
Update
File Deleted changed from 455: draft-ggf-authz-framework-20041015.doc to none (no value)
|
|
|
|
|
Markus Lorch: 10/15/2004 11:37 AM EST
|
| |
Comment: |
Comments have been addressed by me as the document editor. I am asking for a final review and endorsement by co-authors by Friday Oct. 22,2004 (see
mail to the authz-wg list). If no problems are found I would release the document for final GFSG review after this date.
The attached document has change-tracking enabled so my modifications are easily visible. Detailed discussion of changes will take place on the
mailing list.
Markus
|
| |
Action: |
Update
|
|
|
Markus Lorch: 10/15/2004 11:37 AM EST
|
| |
Action: |
Update
File added set to 455: draft-ggf-authz-framework-20041015.doc
|
|
|
|
|
Markus Lorch: 10/15/2004 11:37 AM EST
|
| |
Comment: |
Comments have been addressed by me as the document editor. I am asking for a final review and endorsement by co-authors by Friday Oct. 22,2004 (see
mail to the authz-wg list). If no problems are found I would release the document for final GFSG review after this date.
The attached document has change-tracking enabled so my modifications are easily visible. Detailed discussion of changes will take place on the
mailing list.
Markus
|
| |
Action: |
Update
|
|
|
Greg Newby: 10/05/2004 5:12 PM EST
|
| |
Comment: |
(Updating status to indicate we are awaiting author action. gbn)
|
| |
Action: |
Update
|
|
|
Greg Newby: 10/05/2004 5:12 PM EST
|
| |
Action: |
Update
artifact_status changed from Final 15day GFSG Review to Pending Info from Authors
resolution changed from <None> to Returned to Authors/Group
|
|
|
Stacey Giannese(disabled): 09/28/2004 1:17 PM EST
|
| |
Comment: |
Author needs to apply some edits to this document before it can go into final GFSG review. New version of the document will be uploaded shortly.
|
| |
Action: |
Update
|
|
|
Stacey Giannese(disabled): 09/28/2004 1:09 PM EST
|
| |
Action: |
Update
artifact_status changed from Public Comment Period to Final 15day GFSG Review
|
|
|
Dane Skow: 09/23/2004 8:38 AM EST
|
| |
Comment: |
Olle,
You'll have to shepherd this since I'm an author.
AD's comment is expected to document concurrance publicly.
Dane
|
| |
Action: |
Update
|
|
|
Dane Skow: 09/23/2004 8:38 AM EST
|
| |
Action: |
Update
assigned_to changed from 100 to 477
|
|
|
Steve Crumb: 09/23/2004 5:46 AM EST
|
| |
Comment: |
User removed
|
| |
Action: |
Update
assigned_to changed from 114 to 100
|
|
|
|
|
|
|
Stacey Giannese(disabled): 07/29/2004 11:39 AM EST
|
| |
Comment: |
Document has now finished public comment period but no comments were made so document will re-enter another 30 day public comment period.
Due date: 8-29-04
|
| |
Action: |
Update
|
|
|
|
|
Stacey Giannese(disabled): 06/29/2004 9:45 AM EST
|
| |
Comment: |
Document will now enter a 30 day public comment period. Due date: 7-29-04
|
| |
Action: |
Update
|
|
|
Jennifer Schopf: 06/24/2004 8:46 PM EST
|
| |
Action: |
Update
Priority changed from 5 to 3
|
|
|
Steve Crumb: 06/24/2004 4:00 PM EST
|
| |
Action: |
Update
artifact_status changed from AD Review to Public Comment Period
assigned_to changed from 114 to 111
resolution changed from Returned to Authors/Group to <None>
|
|
|
Marty Humphrey: 06/24/2004 8:31 AM EST
|
| |
Comment: |
Comments on AuthZ Framework
Page 5: 2nd paragraph: "bases" should be "basis"
In the first paragraph of section 2, can the authors better differentiate this document from the other work? Why don't these other documents suffice
in place of the GGF document? I'd like to see a stronger statement than "[these works] have influenced our framework."
Re: the definitions on p.6: The document defines "subject", "resource", and "authority", but these definitions are disclaimed with " This terminology
will be more refined during the course of the document." Can't these terms be defined just once, completely?
The document consistently misuses "i.e.," as "i.e." and "e.g., " as "e.g."
The document defines an Authority as "An administrative entity that is capable of and authoritative for issuing, validating and revoking an electronic
means of proof such that the named subject (a.k.a. holder) of the issued electronic means is authorized to exercise a certain right or assert a
certain attribute." I am particularly uncomfortable with the phrase "electronic means of proof", which is awkward at the least. Can "means of proof"
be replaced with "assertion" (which the document freely uses in the next paragraph)?
The document never actually states that the general procedure re: authorization (e.g.,is first to authenticate and then to authorize. That is,
authentication is a NECESSARY first step. Why does the document not mention this? The authors imply (e.g., in the "three distinct processes"
enumeration at the bottom of p. 6) that this is authenticate-then-authorize is not true. Can't this be simply stated in the document?
In this "three-distinct processes", can "executable policy" be replaced by the phrase "digital representation of the policy"? The policy itself is not
"executable". Policy engines may interpret it, but it is not "executable".
Middle page 7, part c is currently "The signing of a record of an Authorization as to assert its authority." I don't know what this means.
I don't know if I agree with the document's mapping of RFC2904 to the document's terminology. Specifically, the document states that the RFC2904 "AAA
Server" is "a server acting on behalf of the Authorization Authority". For one thing, the AAA Server could be precisely the Authorization Authority,
not acting on behalf of it. For another, the AAA server could be focused on Accounting, which has nothing to do with Authorization.
Top of page 9, in the description of the authorization push sequence, the document contains " This assertion should have a validity time window
associated with it." Isn't this being prescriptive, and as such is out of the scope of the document? That is, what is the implied meaning of "should"?
p.17: " Some of the issues that are addressed by policy management is who can create�" should be " Some of the issues that are addressed by policy
management are who"
Overall, it's a nice document, although it's redundant at times. I suspect that this is because separate individuals were assigned separate sections.
Perhaps the editor of this document (Lorch) can go through and compress the redundant parts? Perhaps he believes he has already done this?
Finally, Section 6 ("related standards") could be improved by, instead of simply enumerating the related work such as SAML and XACML, the related work
should be described as fitting into a particular place in Figure 3.1, which is the "generic" AuthZ architecture in this GGF document.
|
| |
Action: |
Update
|
|
|
Marty Humphrey: 06/24/2004 8:31 AM EST
|
| |
Action: |
Update
resolution changed from <None> to Returned to Authors/Group
|
|
|
Dane Skow: 06/01/2004 6:27 PM EST
|
| |
Comment: |
I am an author for this document and will have to recuse myself from GFSG review.
|
| |
Action: |
Update
|
|
|
Dane Skow: 06/01/2004 6:27 PM EST
|
| |
Action: |
Update
assigned_to changed from 497 to 114
|
|
|
Markus Lorch: 04/08/2004 5:25 PM EST
|
| |
Comment: |
Added references based on Mary Thompson's comments
|
| |
Action: |
Update
|
|
|
|
|
|
|
Lavanya Ramakrishnan: 03/23/2004 9:18 AM EST
|
| |
Comment: |
I have contributed to this document and agree with the contents of the document
|
| |
Action: |
Update
|
|
|
None: 03/22/2004 9:14 AM EST
|
| |
Comment: |
I have contributed to this document and I have participated in the editing and review. I agree with the contents of this document and I endorse it.
Rich Baker
|
| |
Action: |
Update
|
|
|
Stacey Giannese(disabled): 03/19/2004 3:56 PM EST
|
| |
Action: |
Update
assigned_to changed from 108 to 497
Priority changed from - to 5
|
|
|
|
|
|
