Ticket #295 (closed issue: wontfix)

Opened 13 years ago

Last modified 12 years ago

[DS] is there a need for non-NDG security tags in CSML?

Reported by: domlowe Owned by: domlowe
Priority: discussion Milestone: PreBeta
Component: CSML Version:
Keywords: Cc:

Description

If we cut and paste the security from MOLES to CSML, aren't we then limiting CSML to only using NDG security? And is this a problem? If it is a problem do we need a (simple!) structure that can contain other (or indeed multiple) access control policies?

Currently MOLES does allow for a pointer to a URI or for text, but does not allow 'custom' tags for the case where someone is using CSML completely outside the NDG secuity domain and requires their own security metadata within the document.

eg.

<myNamespace:mySecurityCondition>

<myNamespace:someValue> </myNamespace:someValue>

</myNamespace:mySecurityCondition>

Change History

comment:1 Changed 13 years ago by domlowe

  • Status changed from new to assigned

comment:2 Changed 13 years ago by selatham

Speaking to Sam Pepler just now - non-ndg security option is definately required. For BADC the URI pointer may be OK though. Needs more discussion with BADC. However, if we allow bespoke tagging how do we know what to do with the content, what service to call etc.?

comment:3 Changed 13 years ago by domlowe

I was originally talking about the case where bespoke tagging is required for use outside NDG. eg. Somebody is using CSML in their own application/security infrastrcture. So I think in this case they would know what to do with their own tags (but the parser etc would need to parse bespoke content).

In the case of the BADC, then I agree it needs more discussion.

comment:4 Changed 12 years ago by domlowe

  • Status changed from assigned to closed
  • Resolution set to wontfix

Not likely to do anything about this right now (unless it becomes a real requirement).

Note: See TracTickets for help on using tickets.