[Security_sig] Pls review DLT Cap Doc 1.0 Security Section Draft

[slav at vogon.net]

>
> One more thing...
>
> It turns out that the firewall assumption also reveals a disconnect
> between
> the DCL and DLT documents. The disconnect turns out to be based on the
> infrastructure/environment vs. single machine view. The security part of
> the DCL spec covers the single machine view. The DLT spec is making
> assumptions about the DCL environment which are valid but not covered by
> the DCL spec. I know that we had this discussion when deciding on the
> capabilities for the DCL spec.
>

Emily, yes I agree there is a disconnect.  In the DTL (Desktop Linux
workgroup), one of the things we concern ourselves with is defining the
requirements and capabilities of the desktop solution that will exist
within the enterprise, therefore we must address the needs reflective of
that environment.  In this case, our target is a single machine view, in
the context of a larger eco-system the machine belongs to.  The DTL's
"encroachment" (if I may call it that) on the datacenter space is driven
by the need for that machine to co-exist with the datacenter.

I'm not opposed to the idea of having the Linux distribution contain
everything and the kitchen sink (that way a single Linux box can act as
THE data center), as long as the extras can be easily removed, and the
solution includes pieces that would make it an enterprise-ready client. 
In writing the security section for the DTL document, we focused on
aspects that address the client's enterprise readiness.