[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: Schemas with choice groups replacing substitution groups
So that would be the "pro-choice" argument... :-) Phillip Hallam-Baker FBCS C.Eng. Principal Scientist VeriSign Inc. pbaker@verisign.com 781 245 6996 x227 > -----Original Message----- > From: Eve L. Maler [mailto:eve.maler@sun.com] > Sent: Friday, September 28, 2001 11:00 AM > To: security-services@lists.oasis-open.org > Subject: RE: Schemas with choice groups replacing substitution groups > > > I can't see choice groups + substitution groups causing any > problems that > the individual pieces don't already have, except that it > might be a bit > confusing for schema-reading humans to follow. I'm not > familiar with PSTC > at all, but could this be a case for model groups (i.e., > using a model > group to represent the choice group and allow it to be reused)? > > Eve > > At 07:41 AM 9/28/01 -0700, Hallam-Baker, Phillip wrote: > >Bad form to follow up my own post I guess but.. > > > >One of the issues that I have been asked to look at recently > has been PSTC, > >the provisioning interface also bing developed by OASIS. > > > >Jeff Hodges has been making the undubitably correct point > that PSTC should > >use SAML for access control. > > > >However I believe we need to go somewhat further, in > particular PSTC should > >re-use SAML assertion or possibly statement elements. This > would then allow > >a complete interoperable assertion based access control > mechanism where the > >SAML and XACML assertions are initially created using PSTC. > > > > > >This brings us back to substitution groups(!). > > > >The choice groups we have just defined ensure that substitution group > >crippled schema validators do the right thing. Should we add the > >substitution group declarators back in however so that > extensions that build > >arround the statement or assertion element don't have to > replicate our > >choice groups to ensure that SAML elements can be used??? > > > > > >What I am thinking is that PSTC might use is an element of the form: > > > ><Provision> > > <AttributeStatement> > > <...Whatever...> > > > >Would choice groups + substitution groups cause problems??? > > > > > > Phill > > > > > >Phillip Hallam-Baker FBCS C.Eng. > >Principal Scientist > >VeriSign Inc. > >pbaker@verisign.com > >781 245 6996 x227 > > > > > > > -----Original Message----- > > > From: Hallam-Baker, Phillip [mailto:pbaker@verisign.com] > > > Sent: Thursday, September 27, 2001 5:26 PM > > > To: security-services@lists.oasis-open.org > > > Subject: Schemas with choice groups replacing substitution groups > > > > > > > > > All, > > > > > > Attached are the schemas with the choice groups > replacing the > > > substitution groups. > > > > > > I introduced extra elements for subject statement and > > > query so that > > > extension schemas can key of them with an xsi:type duwinsky > > > and give maximum > > > info to the other application. > > > > > > Phill > > > > > > Phillip Hallam-Baker FBCS C.Eng. > > > Principal Scientist > > > VeriSign Inc. > > > pbaker@verisign.com > > > 781 245 6996 x227 > > > > > > > > > > > > > -- > Eve Maler +1 781 442 3190 > Sun Microsystems XML Technology Center eve.maler @ sun.com > > > ---------------------------------------------------------------- > To subscribe or unsubscribe from this elist use the subscription > manager: <http://lists.oasis-open.org/ob/adm.pl> >
Phillip Hallam-Baker (E-mail).vcf
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC