Thread Links Date Links
Thread Prev Thread Next Thread Index Date Prev Date Next Date Index

Security SG: Definition of Administrative Domain



We have a home work raised in November meeting to revise the
definition of Administrative Domain (AD).

RFC 1136 has a good definition of AD.  Here is revised definition of
AD with borrowing and slightly modifying text in RFC 1136:

"
Administrative Domain

  A collection of End Systems, Intermediate Systems, and authority.
  The components which make up the domain are assumed to interoperate
  with a significant degree of mutual trust among themselves, but
  interoperate with other Administrative Domains in a mutually
  suspicious manner.

  Administrative Domains can be organized into a loose hierarchy
  that reflects the availability and authoritativeness of
  authentication and authorization information.  This hierarchy does
  not imply administrative containment, nor does it imply a strict
  tree topology.
"

I believe this addresses all issues related to administrative domain
definition.

Comments?

Yoshihiro Ohba