Changes between Version 5 and Version 6 of AbacTools

Show
Ignore:
Timestamp:
05/16/12 12:35:04 (7 years ago)
Author:
prateek (IP: 174.109.212.129)
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • AbacTools

    v5 v6  
    2727          --issuerrole GeniPI --subjectcert <path to GOC's certificate file> --subjectrole GeniIdP.GeniPI 
    2828}}} 
     29 
     30=== PodAddLink === 
     31There can be cases where one entity might have its policy dependent on some other entity's policy. In such cases we need a way to link policies. We extended POD with support for links, which enable creation of unidirectional links from one identi er (subject or a subject-scope pair) to another. A fetch based on an identi er not only fetches credentials associated with it but also the ones associated with the linked identi er, if any. PodAddLink is the tool to create a link from one identifier to another. 
     32 
     33There is another issue with POD that gets solved with the help of links. In case of POD, a credential can be associated with only one identity: the entity uploading the credential. So, for a credential to be associated with its subject (the one for whom the credential is issued), the subject needs to get the credential from the issuer through some other channel. The way to solve this issue in POD is to make the issuer upload the credential, and then make the subject create a link to the already uploaded credential. 
     34 
    2935 
    3036=== Identity Provider ===