<html><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><br><div><div>On 9 Oct 2008, at 22:27, Brian Degenhardt wrote:</div><blockquote type="cite"><div><font class="Apple-style-span" color="#000000">Snip......</font></div></blockquote><br><blockquote type="cite"><div><br>I'm not saying AAA shouldn't be done, just that we're not admitting<br>defeat by punting it up to the orange stuff. As I mentioned earlier,<br>Switchvox has very fine-grained permissions, it's just implemented<br>outside of Asterisk. In the same way, most web frameworks use<br>cookie-based authentication based on business rules, and forgo the whole<br>HTTP Basic/Digest Auth mechanisms altogether.<br><br>cheers<br>-bmd<br></div></blockquote></div><br><div>As an ex-security person I know the value of ensuring that security</div><div>is built in to the design, not tacked in as an after thought.</div><div><br></div><div>However in this case I wasn't persuaded of the value of a generic</div><div>fine-grain object security model for asterisk. </div><div><br></div><div>I can think of a couple of places where this has been implemented</div><div>and _never_ used by developers:</div><div>Windows kernel - from NT onwards and the Java Security model.</div><div>What happens in both these cases is that the generic framework is</div><div>only ever used to implement a much simpler coarser security layer.</div><div>The Linux kernel takes the other approach, only building the required</div><div>coarser layer.</div><div><br></div><div>We should make sure we leave the possibility of a security layer, but</div><div>we should not specify it untill we have a much clearer picture of how the </div><div>API is used, and hence what the appropriate security model should be.</div><div><br></div><div>I want to thank everyone for taking part in (especially Brian for leading)</div><div>an amazingly productive couple of days at astridevcon on this topic.</div><div>Asterisk needs this API so that we can (for instance) offer</div><div>the same standard Frameworks that Cisco, Nortel and Avaya use </div><div>so that Asterisk can displace them in the telephony-app space.</div><div><br></div><div>All we need now is to turn the diagram into code ;-)</div><div><br></div><div>Tim.</div><div><br></div><div><br></div><div><br></div></body></html>