2 Sep
2020
2 Sep
'20
9:07 p.m.
We continue the relationship manager work. Some things I think we need to figure out (ideally from proposals or lists of options): - One API (AS only) or two (also RS)? - (Each) API protection model? - Topological and trust assumptions or lack thereof? What can be co-located? How many of each thing can there be? - Any rules needed for policy (“policy condition”) priority between RM and AS (the “cascading” scenario) - A clean way to model or illustrate the scenario when the RS is hosting claims (the “turtles” scenario) What else? Eve Maler (sent from my iPad) | cell +1 425 345 6756