OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

 


 

   RE: [xml-dev] Blended Authentication (AKA "Granular Access Control")

[ Lists Home | Date Index | Thread Index ]

 

> 
> -----Original Message-----
> From: W. E. Perry [mailto:wperry@fiduciary.com] 
> Sent: Thursday, May 08, 2003 9:12 AM
> To: XML DEV
> 
> If I may ask, without I hope sounding too petulant:

I think your hope is unfulfilled.

> 
> What does this cartelization (with a rigidity of rules, 
> permissions, and hopelessly intertwined processes that even 
> most colluders-in-restraint-of-trade would be loath to 
> subject themselves to) have to do with distributed computing, 
> web services, or loosely-coupled processes harnessed in 
> cooperation to implement custom workflows?

The primary difference between your point of view and that of the
promulgators of the specs in question, as far as I can tell, is that they
believe that establishing trust between nodes in the internetwork is both
desirable and possible and you do not.

> AFAIK we were not 
> at work here on the bureaucratic blueprint for policies and 
> procedures of interdepartmental cooperation in, say, the US 
> federal government--or at least I didn't think that was what 
> the operating standards of an open worldwide internetwork 
> were supposed to resemble. In fact, I thought the point was 
> that the epochal influence would go in the other direction:  
> the success of lightweight, autonomous processes exploited 
> for unanticipated functionality precisely because they were 
> openly available should persuade the ossified hierarchs that 
> adopting the new model was their only alternative to extinction.

Ossified heirarchs have amazing staying power.

> 
> Specific to this thread's questions of authentication:  in a 
> world of 'web services' (as opposed to top-down system-wide 
> delegation of function) 'need to know' is a specious concern 
> because the processing which produces data of a particular 
> form is divorced from (and likely knows nothing of) 
> downstream processes which make various uses of that data. 

In your view of the world, that is true. I think your view describes many
important scenarios, but you have blinded yourself to an entire range of
useful application interactions.

> Even when handling the 'same' data at various stages of what 
> might appear to a particular observer as a pipeline, 
> processes are separated from both the previous and the 
> subsequent forms of that data and therefore from the 
> particular semantics which might attach to that data in the 
> execution of prior and of subsequent processes. IMHO this is 
> as close as we will ever come to the separation of data from 
> process--and it achieves that goal sufficiently to force us 
> to reconsider what we mean by authentication and what it is 
> precisely that we are trying to secure. The sort of 
> authentication which Messrs. Chiusano and Cavnar-Johnson are 
> discussing is predicated on the semantics of given data being 
>  a) inherently deserving of protection or securing from 
> untrusted eyes and  b) remaining substantially identical as 
> the data is passed from process to process or user to user.

I don't understand why you assert b).  What happens to the data is
completely orthogonal to the authentication issues.

> I 
> argue that as the (most important, by
> far) consequence of a 'web services' design, both of these 
> assumptions are demonstrably false. 

I have read your assertions of these points over and over and I have come to
the conclusion that you and I will never agree on these points.

> The concerns on which 
> they are pontificating are therefore from a different realm 
> than web services. 

I was answering Joseph's question, which was a factual one about whether
there was a spec that covered a particular scenario. For you to assert that
we were "expressing opinions or judgments in a dogmatic way" is laughable.

> Unfortunately if such concerns are 
> seriously discussed as material to the implementation of web 
> services there is the very real possibility that we may find 
> ourselves thereby designing systems which, because of this 
> crucial distinction, are not web services but which will be 
> constrained to the sclerotic (and dare I say paranoid?) 
> notions of security and authentication which this thread of 
> discussion thus far evidences.
> 
> Respectfully,


Why do you close your emails with the word "Respectfully" when you have
filled your writing with words chosen for their offensive connotations
(colluders-in-restraint-of-trade, ossified, sclerotic, paranoid, and
pontificating)? I think your invective does your position more harm than you
realize.





 

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS