Once upon this morning This morning, for the first time in a while, I cycled to work. It had been a few weeks since the…
When you write software, you can end up in a place where your continuous integration takes too long to execute. For most of the post I will write CI because it’s faster to type. Also it makes your read slightly faster.
When delivering software continuously, the more complex solution, the more you are prone to having a slow CI process at some point. Note that a limited computing power also increases the chances of slow CI becoming your burden.
A few weeks ago, the Internet Engineering Task Force (IETF) introduced a new Request For Comments (RFC) document about Vectors of Trust, the RFC8485. It is the work of Leif Johansson from the Swedish University Network. The original draft went through 15 iterations since 2015 and Justin Richer from Bespoke Engineering edited the current version.
Enough with the credits, what issue the Vectors of trust document is trying to solve? It seems that the purpose is to bring an effective method to measure the trust of credentials for digital transactions. The two main approaches at the moment are known as Level of Assurance (LoA) and Attribute-Based Access Control (ABAC). Let me try to introduce these to you first.