- From: Paddy Byers <paddy.byers@gmail.com>
- Date: Wed, 12 May 2010 14:47:46 +0100
- To: steve.lewontin@nokia.com
- Cc: Laura.Arribas@vodafone.com, public-device-apis@w3.org, Frederick.Hirsch@nokia.com
Received on Wednesday, 12 May 2010 13:48:15 UTC
Hi, In general I support Laura's proposal, though I think a number of details > are going to have to be worked out. It makes a lot of sense from the point > of view of policy management to make the simplifying assumption that trust > and access policies are orthogonal and can be specified and managed > separately. But it is certainly the case that trust and access policies do > tend to get intertwined in practice: > I agree with the principle that we should seek to be able to define them independently in the way that the Nokia model does, so the next step is to work through these details and see what we find. There are clearly some simple cases we can deal with. For example, in a BONDI policy you can have a subject match as a condition in an individual rule, as well as in the target of a policy. However, you could model an equivalent policy by putting that rule in its own policy, combined with the others in the appropriate way, and move the subject match out of the rule and into the (new) enclosing policy. The issues of the overlap, predecence, etc of policy targets (== trust domains) will be more complex but I think that it will be possible to establish a mapping for most or all cases. Thanks - Paddy
Received on Wednesday, 12 May 2010 13:48:15 UTC