[Openid-specs-ab] Issue #2120: [Federation] editorial: make distinction about Subordinate and Descendants (openid/connect)
peppelinux
issues-reply at bitbucket.org
Fri Feb 23 16:20:51 UTC 2024
New issue 2120: [Federation] editorial: make distinction about Subordinate and Descendants
https://bitbucket.org/openid/connect/issues/2120/federation-editorial-make-distinction
Giuseppe De Marco:
In the current documentation, the terms "Subordinate" and "Descendant" are used, but a clear distinction between these two terms is not explicitly made.
**Subordinate** typically refers to an entity that is directly under another in the hierarchy, implying a direct reporting or dependency relationship.
**Descendant**, on the other hand, encompass all entities that fall under a particular entity in the hierarchy, including all levels of subordination below the specified entity, not just the immediate level.
Making this distinction clear in the documentation will improve understanding and communication about the federation's structure, particularly in discussions about trust chains, and policy application across different levels of the federation hierarchy according to the transitive trust property underlying the delegation model we have in the specs.
I would also consider adding examples or diagrams to visually illustrate the difference between Subordinates
and Descendants within a federation context.
More information about the Openid-specs-ab
mailing list