Wiki Navigation

← Previous Change
Page History
Next Change →

Changes between Version 7 and Version 8 of AuthImpl

Author:: gtw (IP: 155.98.60.98)
Timestamp:: 02/06/09 15:07:32 (2 years ago)
Comment:: Use privileges from the CFA in the example, and refer to delegation instructions.

Legend:

: Unmodified
: Added
: Removed
: Modified

AuthImpl

v7	v8
136	136	Joe's GID
137	137	MySlice GID
138		[~~delete:1, modify~~:1])
	138	[control:1, instantiate:1])
139	139	A digital signature over credential #1
140	140	}}}
141		This credential says that the owner ~~may delete or modify~~ the slice, and that he can
	141	This credential says that the owner has "control" and "instantiate" permission over the slice, and that he can
142	142	delegate those privileges to someone else. The digital signature prevents any modification
143	143	of the credential, verifiable back to the trusted root certificate of the Slice Authority
151	151	Mary's GID
152	152	MySlice GID
153		[~~modify~~:0])
	153	[instantiate:0])
154	154	(ID #1
155	155	Joe's GID
156	156	MySlice GID
157		[~~delete:1, modify~~:1]))
	157	[control:1, instantiate:1]))
158	158	A digital signature over credential #1
159	159	A digital signature over credential #2
160	160	}}}
161		This new credential allows Mary to ~~modify the slice, but not delete~~ it. The credential
	161	This new credential allows Mary to instantiate the slice, but not control it. The credential
162	162	cannot be further delegated since there are no privileges specified with the delegate bit
163	163	set. The second digital signature covers the new credential (referenceduby ID!#2), which
176	176	have been passed along. If this check passes, then the credential is considered valid.
177	177
178		Delegation is ~~not operational yet, but it being worked on. Check back~~
179		later.
	178	Delegation is operational in sufficiently recent CVS revisions, and is being actively worked on.
	179	An [wiki:DelegationExample example] of using the delegation tools is available.
180	180
181	181	=== CRLS ===