[TSG-Access-RD] Required System Features

Hollenbeck, Scott shollenbeck at verisign.com
Fri Jan 18 20:19:39 UTC 2019


Here's my surely-incomplete attempt at responding to my "required system features" homework assignment using IETF RFC 2119 key words:

The system MUST be able to determine whether a supplicant is authorized for access to non-public data.

The system MUST be able to receive and process queries from supplicants who are not authorized for access to non-public data.

The responsibility for authorization determination MUST be centralized within ICANN.

The technical implementation for authorization determination MAY be delegated to agents that are qualified and appointed by ICANN.

The system MUST be able to associate attributes with an identity that can be used to determine an end user's level of authorization for every query.

The system MUST be able to support multiple authorization classes.

The system MUST be able to make data element access control decisions based on a supplicant's authorization class.

The technologies used to implement supplicant authorization MUST be based on current Internet standards.

The system MUST support synchronous processing for both public and non-public data queries.

The system MUST support asynchronous processing for non-public data queries.

The system MUST support a distributed data model.

The system MUST include features to log all queries.

The system MUST be able to meet documented performance requirements.

Scott


More information about the TSG-Access-RD mailing list