[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Wording of Authorization deefinition (was Re: protocol-27 comments #3)
- To: Jim Sermersheim <jimse@novell.com>
- Subject: Re: Wording of Authorization deefinition (was Re: protocol-27 comments #3)
- From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
- Date: Mon, 8 Nov 2004 20:44:21 +0100
- Cc: ietf-ldapbis@OpenLDAP.org
- In-reply-to: <s18f68e4.004@sinclair.provo.novell.com>
- References: <s18f68e4.004@sinclair.provo.novell.com>
Jim Sermersheim writes:
>>>> Hallvard B Furuseth h.b.furuseth@usit.uio.no> 11/8/04 5:59:28 AM >>
>>> 4.2. Bind Operation
>>
>>> Authorization is the decision of which access an operation has to
>>> the directory. Among other things, the process of authorization
>>> takes as input authentication information obtained during the bind
>>> operation and/or other acts of authentication (such as lower layer
>>> security services).
>>
>> Authorization can also - or instead - take as input information which
>> is not normally considered acts of authentication, such as the IP
>> number of time of day.
Heh. I tied "Among other things," to the wrong part of the rest of the
sentence. Can't see how I managed that...
--
Hallvard