ietf-openproxy
Re: http://www.ietf.org/internet-drafts/draft-ietf-opes-protocol-reqs-00.txt

2002-05-30 14:47:57

At 12:39 PM 5/30/02 -0500, Andre Beck wrote:
 > I think section 5 or section 6 should say something about honouring
 > the security/privacy requirements of the endpoints of the
 > "original" transfer (the provider and/or consumer).  In particular,
 > if either party has provided authority for limited kinds of
 > processing to be performed, the extent of that authority should be
 > communicated to the callout processor.
Isn't that rather a requirement for "endpoint authorization and enforcement" rather than for the callout protocol?

Yes, IMO the data dispatcher on the OPES processor is responsible for the enforcement of endpoint authorization and uses the callout protocol as a means to request the execution of specific OPES services on a remote callout server. So I don't think there is a need to communicate endpoint authorizations to callout servers.

I think that's OK if:
(a) the callout processor can be trusted by the dispatcher to not save or distribute the information provided beyond the immediate requirements of processing, and
(b) it is clear that the callout processor only performs transformations that are explicitly requested by the dispatcher.

Should that much be mentioned in security considerations?

#g


-------------------
Graham Klyne
<GK(_at_)NineByNine(_dot_)org>