Skip to main content

2023-01-16 Scope

This meeting was scheduled to determine the scope of the challenge and to make sure it was covered from multiple angles. 4 different vendors attended the meeting.

Resources

Video available @ youtube

Presentation available

Conclusion

The following points were concluded from the meeting:

  • An authorization must be usable by any node/app from the organization which is authorized.
  • Any node/app of an organization must accept this authorization
  • Authorizations must only be issued to nodes that support the use-case
  • Nodes/apps that issue authorizations must be authorized by the organization to do so for a use-case
  • Authorizations must be automatically issued/revoked/sent when the topology changes (new nodes, nodes removed)
  • The trust between the authorization issuer and authorization verifier within an organization requires extra care

Addtional notes

Currently the Nictiz qualification process can only qualify a pair of vendors/applications where each party covers the entire side of a use-case. Eg 1 side covers sending and the other receiving. It was concluded that to support multiple vendors properly, a combination of vendors at one side must be able to qualify as well.