Issue 2030: Inconsistency between IDL and spec (sec-rev)
Source:
Nature: Clarification
Severity: Significant
Summary: Inconsistent definitions of whether own_credentials is thread specific, object specific (?), or application/process/capsule specific.
Resolution:
Revised Text:
Actions taken:
October 2, 1998: received issue
November 13, 1998: closed issue
Discussion:

=====

X-Authentication-Warning: marcy.adiron.com: polar owned process doing -bs
Date: Fri, 2 Oct 1998 14:42:43 -0400 (EDT)
From: Polar Humenn
To: issues@omg.org, sec-rev@omg.org, secsig@omg.org
Subject: Inconsistency between IDL and spec

Document: Security 1.2 Draft 5 January 1998
Severity: Serious
Nature: Clarification
Summary: Inconsistent definitions of whether own_credentials is thread specific, object specific (?), or application/process/capsule specific.

Paragraph 4 of 15.5.6.1 Security Operations on Current, Description of the specification on page 15-98:

  o own credentials: the credentials associated with the active object. A particular object may have its own credentials or may share credentials with other objects. An object's own credentials are normally set up as the result of the object (or the environment domain to which it belongs) being initialized.

---

Paragraph 6 states:

  o own_credentials (capsule specific) attribute containing the credentials owned by the application.

--

Paragraph 7 of section 15.5.6.3 The SecurityLevel2::Current Interface, page 15-102 states:

  own_credentials
  Any application owns a set of credentials which it obtains through the process of authentication of the principal that initiates the execution of the program.....
--

Section A.4 Application Interfaces - Security Functionality Level 2, page 15-281, Consolidated IDL says:

  interface Current : SecurityLevel1::Current { // Locality Constrained
      // Thread specific operations
      readonly attribute CredentialsList received_credentials;
      readonly attribute CredentialsList own_credentials;
      readonly attribute Security::SecurityFeatureValueList received_security_features;

which implies that own_credentials is thread specific.

Discussion:

I believe we strived to make own_credentials capsule specific, due to the nature of inseparability of application code within the process.

I don't understand the first point that states the own credentials belong to the object. Current cannot figure out which object is calling the PrincipalAuthenticator. Own credentials is not parameterized on object. I think we tried this, and we bagged it.

However, Current can tell the thread of execution, but it doesn't make that much sense unless we have a formal CORBA threading model with interfaces beyond the thread of servicing a client request.

Therefore, I suggest we should make own_credentials consistently capsule specific throughout.

Comments?

-------------------------------------------------------------------
Polar Humenn                    Adiron, LLC
President                       2-212 Center for Science & Technology
mailto:polar@adiron.com         CASE Center/Syracuse University
Phone: 315-443-3171             Syracuse, NY 13244-4100
Fax: 315-443-4745               http://www.adiron.com