
Glossary
********

authorization realm
   The authorization realm is the target user authorization ID's
   namespace.

   When, for example, a user *John Doe* logs in with username "doe"
   (the "authentication ID"), the original authorization realm (as
   specified in the original username) is "null".

   After user login name *canonification* -- a process to translate an
   authentication ID in to an authorization ID -- the resulting
   authorization ID may have become "john.doe@example.org".

   The canonification process is important, because it will also be
   the authorization ID that is used to compose the mailbox path to
   the user's INBOX.

   Continuing our example user, the authorization ID having become
   "john.doe@example.org" will result in the session using
   "user/john.doe@example.org" as the INBOX.

   The **authorization realm** at this point is one of "example.org".
   The user will not be able to access any mailboxes outside this
   authorization realm, meaning the user will be unable to access any
   mailboxes for which the mailbox path does not end in
   "@example.org".

backend
   The part of a Cyrus configuration which contains the data.

   See also:

     * *frontend*

canonification
   Canonification is the process of translating a login username in to
   the targeted value to use throughout the rest of the
   infrastructure.

   Suppose, for example, a user "John Doe <doe@example.org>" has an
   email address of "doe@example.org", and a user ID of "doe". Suppose
   therefore his mailbox is "user/doe@example.org", and his
   authorization ID is "doe@example.org".

   When John logs in however, he may also use one of his secondary
   recipient addresses, such as "john.doe@example.org" or
   "jdoe@example.org".

   This login username needs to be translated to "doe@example.org" in
   order to obtain the correct INBOX, and allow applications to
   consistently retrieve profiles with user preferences.

disk volume
disk volumes
   A disk volume is an entity that "can contain a filesystem". This
   may be a complete disk, a set of disks, a disk partition, a logical
   volume, a copy-on-write snapshot, a disk image (file), a fiber-
   channel or iSCSI LUN, or any other such volume.

domain name space
domain name spaces
   A domain name space is, among other things, the qualification of a
   recipient's local-part. It is the domain name appended to the local
   part of an email address, the two of them divided by an '@'
   character (sender specified routing notwithstanding).

   Without domain name spaces, user 'john' would only ever know about
   user 'jane' if -- pardon my French to those in the know -- if both
   'john' and 'jane' considered eachother local. In other words, if
   both 'john' and 'jane' used the same physical *system environment*.
   As you may be aware, the Internet is composed of a quite a few
   thousands of such system environments.

   What *qualifies* users 'john' and 'jane' to all other users on the
   Internet is a *name space*. The name space must be globally unique
   (literally "globally" -- but technically speaking more like
   "universally unique").

   The only name spaces available to Internet registrars and therefore
   service providers and therefore users, are called *domains* -- they
   are composed of a *top-level domain (name space)* such as .org and
   .com, and a name that a service provider would allow you to
   register with the Internet registrar (a NIC) - each domain is
   therefore at least one but possible more *domain name spaces*.

   To further illustrate, you require an Internet registrar to obtain
   your own *domain name* -- unless you are an Internet registrar
   yourself, of course, though you still need one, but it just so
   happens you are one.

   Once you have registered a domain name (and, contrary to popular
   belief, you don't actually own it, ever) nothing prevents you from
   creating additional domain name spaces within the name space of
   that domain.

   You could, for example, register "example.org", and create a domain
   name space of "customer1.example.org" and/or "family2.example.org".

   In fact, every *fully qualified domain name* is a domain name space
   in and of its own -- but it identifies on the individual system
   level as opposed to the environment level.

FQDN
fully qualified domain name
   A Fully Qualified Domain Name is intended to refer to a single node
   (or "operating system instance", if you will) whether it be
   traditionally physical or virtual, in a manner that is globally
   ("universally") unique.

   As such, it SHOULD be composed of at least three (3) name space
   segments divided by a dot (.) character -- excluding the implicit
   top-level dot (.), even if a domain (system environment) is
   comprised of a single system.

frontend
   The part of a Cyrus configuration which contains the components
   which talk to clients.

   See also:

     * *frontend*

HBA
Host Bus Adapter
   A Host Bus Adapter is a device to connect a computer to a storage
   device.

   See also:

     * Host adapter

mandatory access control
   Mandatory access control is a type of access control where a set of
   (static) rules controlled (centrally) by a security policy
   administrator describe the level of access subjects to objects. As
   such, no subject controls the level of access of other subjects.

msa
Mail Submission Agent
   The Mail Submission Agent (*MSA*) (...)

mta
Mail Transfer Agent
   The Mail Transfer Agent (*MTA*) (...)

MTBF
   Mean time between Failure -- a statistical determination of the
   time between failures.

mua
Mail User Agent
   The Mail User Agent (*MUA*) (...)

mydestination
   "mydestination" is a setting in Postfix, commonly used to refer to
   a list of *domain name spaces* that the local *MTA* is considered
   the final destination for.

operating system disks
   Storage used for the operating system installation.

   See also:

     * *payload disks*

partition
partitions
   A partition in Cyrus IMAP (...)

payload disks
   Storage used for information.

storage volume level replication
   Please see the generic section on Redundancy.
