OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

regrep message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Re: [regrep] XACML and Access Control Policy

Suresh,

Can you identify what aspects of XACML are not RF?

I envision that our spec will not mandate XACML in implementations. It 
would simply use some XACML namespace define schema elements for 
defining Policy elements within our Request/Response messages. That is 
the line I was thinking. Actual XACML implementation issue would be left 
to implementations which may use some alternative to XACML if they wished.

Damodaran, Suresh wrote:

>Here is a thought that we may need to confront sooner or later.
>XACML is not free of IP claims [1,2]. Since we don't want reg-rep v3.0
>to be encumbered by IP claims, one option we have is the following:
>
>1. Make a meta model and then bind XACML to it. This should leave the option
>of making other
>bindings as well. I don't claim I know exactly how to do this as yet,
>but that is something we would need to figure out together.
>
>The second option is to forget about the metamodel and let the burden fall
>on
>the implementers. 
>
>Any other thoughts or other options?
>
>In any case, it looks prudent to cleanly identify and compartmentalize
>the spec portions that deal with XACML and Custom Access Control.
>
>Regards,
>
>-Suresh
>Sterling Commerce (on loan to RosettaNet)
>[1] http://www.oasis-open.org/committees/xacml/ibm_ipr_statement.shtml
>[2] http://www.oasis-open.org/committees/xacml/cg_ipr_statement.shtml
>
>
>
>-----Original Message-----
>From: Farrukh Najmi [mailto:farrukh.najmi@sun.com]
>Sent: Tuesday, January 07, 2003 8:03 PM
>To: Breininger, Kathryn R
>Cc: Matthew MacKenzie; Damodaran, Suresh; regrep@lists.oasis-open.org
>Subject: Re: [regrep] XACML and Access Control Policy
>
>
>I believe that proposed changes for custom ACP are largely orthogonal to 
>the the set of changes proposed to be reviewed this Thursday. The only 
>overlap in in the security chapters of RS and RIM where the changes for 
>2.33 were fairly minor. We could defer these chapters review until we 
>finish the Custom ACP task.
>
>  
>

-- 
Regards,
Farrukh

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC