Issue 18313: clarify GEMS authentication (gems-rtf) Source: Amergint Technologies (Mr. Rob Andzik, andzik(at)amergint.com) Nature: Uncategorized Issue Severity: Summary: Authentication of a GEMS user is loosely defined in the specification. This should be clarified and include a better definition of how credentials are passed in, what is the roll (if any) of SSL and similar transports, and how do proxies handle authentication. In particular, how does a GEMS user grab control of a system without creating a race condition. Resolution: Revised Text: Actions taken: December 13, 2012: received issue Discussion: End of Annotations:===== M-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:mime-version:date:message-id:subject:to:content-type; bh=Vrh8m8iQdMpMFWl2HlCLbj2P9qc+TfHRH2j29GZcykM=; b=wOn95xQp7o2+vtkoJQrqWpPa3pFKBLQpQa67zdBqT21yBfugdRA2Jr/zuN+DqfGnT4 33j4uOsMhOrTQtndqmRT2bgubPN+eWNapKlgJkTMYasMjgthUWjN+3SHffq41aram9Gs npXoBMTZ/wlfy2FAEHk0KvHSa6Hf7M7cRzz5WqEAzyD39T3K1dKN+qUUBGeQc/w/XQHA ybkXqMSl2suFz+cB5kQ1pD4du5ahf0KdzESAl8t39LZzaGQuytKcProXnwnjZ5t7t1NX RjobEAgMZTcn8bVM+w2eRTcI+JGZXK74SvMTOIhjfgwc7tUr6aNtNglZbAS4N+XpF70A vRCQ== From: Rob Andzik Date: Thu, 13 Dec 2012 11:15:34 -0800 Subject: GEMS issues To: Juergen Boldt Juergen We would like to file three new issues against GEMS for 1.3 1) clarify GEMS authentication Authentication of a GEMS user is loosely defined in the specification. This should be clarified and include a better definition of how credentials are passed in, what is the roll (if any) of SSL and similar transports, and how do proxies handle authentication. In particular, how does a GEMS user grab control of a system without creating a race condition. X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:from:date:message-id:subject:to:content-type :x-gm-message-state; bh=1Ue45+Msee/A8Jj3aCVHqWA4rJAofRuVQfh2jzDMj7E=; b=Y4CWnksC/L17eGst1qotE6TKG0/VvDBaFnl/sV4y9V+33WknnwD6u0O3GR08dEW2WK b1GWEsOLpV/PzEGmV2yzRCrw+T2sxJCX3pD+C8wEjXkiEGOzD05TqV/tpyJl+AA+Xt6J GF6Hj5Q+dsv/V95RdFPS3QOK0iLWa23Rvq3ncXWxg8lOv0aKmx3g4PdIMYVKIDEndXVe Da2NwBRrUbjBX1hc0v22N/kY/ATqsivvssa3kgThe70HbvtXA4Q9corkwb8lG9UVOPlc PxpZeTpudZgLTZlDqw/q2KLNvhs/s4SxtccWVZfVrqurqjkARdC6yG6lbc3o/tExznom ZQ2w== X-Received: by 10.112.144.35 with SMTP id sj3mr8250622lbb.4.1374268691906; Fri, 19 Jul 2013 14:18:11 -0700 (PDT) From: Rob Andzik Date: Fri, 19 Jul 2013 15:17:51 -0600 Subject: Issue 18313: clarify GEMS authentication (DISCUSS) To: "gems-rtf@omg.org" X-Gm-Message-State: ALoCoQkqapvZjl+h/evo2aDFur6InoA9d/cm3aV9xPnaIm/EwA/r6xeDDUsDK3ynV/gY+yc/9rtD X-Virus-Scanned: amavisd-new at omg.org Issue 18313: clarify GEMS authentication This is a bigger issue. Nigel is taking the lead on this one and has taken a stab at suggested changes. I've included Nigel's draft document below. -- Rob ---------- Forwarded message ---------- From: Thompson, Nigel Date: Tue, Jul 16, 2013 at 10:23 AM Subject: GEMS 1.3 Change Proposals To: "andzik@amergint.com" Rob, Here are my notes on the changes to GEMS for 1.3 I forgot to add GEMS ASCII examples for the authentication . I.ll add that shortly. The XML needs a little clean-up in places (namespaces etc) and again, I.ll do that later. Send me your comments and I.ll incorporate with my cleanup and send it back to you. Nigel Content-Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document; name="GEMS 1.3 Change Proposals.docx" Content-Disposition: attachment; filename="GEMS 1.3 Change Proposals.docx" X-Attachment-Id: f8a70346c91d732c_0.0.1 GEMS 1.3 Change Proposals.docx GEMS 1.3 Change Proposals.docx X-Env-Sender: nthompson@rtlogic.com X-Msg-Ref: server-10.tower-219.messagelabs.com!1374501860!2234970!1 X-Originating-IP: [207.109.164.59] X-StarScan-Received: X-StarScan-Version: 6.9.9; banners=-,-,- X-VirusChecked: Checked From: "Thompson, Nigel" To: "andzik@amergint.com" , "gems-rtf@omg.org" Date: Mon, 22 Jul 2013 08:04:18 -0600 Subject: RE: Issue 18313: clarify GEMS authentication (DISCUSS) Thread-Topic: Issue 18313: clarify GEMS authentication (DISCUSS) Thread-Index: Ac6ExYSuOJ35O77aSSaX2br87njXsQCHr1rA Accept-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: acceptlanguage: en-US X-Mlf-Version: 7.4.2.7667 X-Mlf-UniqueId: o201307221404200039958 X-Virus-Scanned: amavisd-new at omg.org I think that the notes I sent are rather incomplete. Please let me know if any of you have questions and I.ll update this doc and re-circulate Nigel From: Rob Andzik [mailto:andzik@amergint.com] Sent: Friday, July 19, 2013 3:18 PM To: gems-rtf@omg.org Subject: Issue 18313: clarify GEMS authentication (DISCUSS) Issue 18313: clarify GEMS authentication This is a bigger issue. Nigel is taking the lead on this one and has taken a stab at suggested changes. I've included Nigel's draft document below. -- Rob ---------- Forwarded message ---------- From: Thompson, Nigel Date: Tue, Jul 16, 2013 at 10:23 AM Subject: GEMS 1.3 Change Proposals To: "andzik@amergint.com" Rob, Here are my notes on the changes to GEMS for 1.3 I forgot to add GEMS ASCII examples for the authentication . I.ll add that shortly. The XML needs a little clean-up in places (namespaces etc) and again, I.ll do that later. Send me your comments and I.ll incorporate with my cleanup and send it back to you. Nigel smime9.p7s smime9.p7s