Security SG: Definition of Administrative Domain
We have a home work raised in November meeting to revise the
definition of Administrative Domain (AD).
RFC 1136 has a good definition of AD. Here is revised definition of
AD with borrowing and slightly modifying text in RFC 1136:
"
Administrative Domain
A collection of End Systems, Intermediate Systems, and authority.
The components which make up the domain are assumed to interoperate
with a significant degree of mutual trust among themselves, but
interoperate with other Administrative Domains in a mutually
suspicious manner.
Administrative Domains can be organized into a loose hierarchy
that reflects the availability and authoritativeness of
authentication and authorization information. This hierarchy does
not imply administrative containment, nor does it imply a strict
tree topology.
"
I believe this addresses all issues related to administrative domain
definition.
Comments?
Yoshihiro Ohba