[cap-talk] YURLs (or alternatives) and recording the delegation paths?
Rob
rmeijer at xs4all.nl
Fri Jun 9 08:07:02 EDT 2006
Looking at the subject of auditing, I seem to run into the facts that
proxy based delegation recording is rather akward in a distributed
enviroment. As an alternative it occured to me that some form of (bound)
YURLs may be constructed that could themselves record the delegation
paths.
The basic idea would be that some sort of bound yurl (byurl?) would
contain information on who it was issued to. This party could than use it
directly
itself or delegate it, but on delegation would have to add information on
who it is delegated to and would than have to sign this information.
The resulting byurl would thus for all practical purposes have the same
flexible use as regular yurls, but would contain a trace of the delegation
path that is usable for auditing purposes. As an added bonus you would
never need to worry about yurl theft as the byurl would need to be
explicitly delegated to any party that would want to use it.
I was wondering if anyone has done work on looking into that line of
working, and if so what were the conclusions ?
Tnx,
Rob
More information about the cap-talk
mailing list