[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [security-services] "AuthorizationQuery" and "AuthorizationStatement"are *still* misleading names
I sent the message below a couple of weeks ago. There hasn't been any discussion, and core-21 still uses the same old names for these elements, which I continue to claim are likely to cause tremendous confusion going forward. I guess at this point I may need to make a formal motion regarding this change. If folks are worried about the resulting names being too long, I'm sure we can find a shorter form like "AuthzDecsnQuery" if needed. - RL "Bob" ---------- Forwarded message ---------- Date: Fri, 23 Nov 2001 15:46:56 -0800 (PST) From: RL 'Bob' Morgan <rlmorgan@washington.edu> To: OASIS Security Services TC <security-services@lists.oasis-open.org> Subject: [security-services] "AuthorizationQuery" and "AuthorizationStatement" are misleading names Early in the process of this committee we decided, after much contention and explanation and careful thought about concepts and terminology, that one of our three assertions (now statements, of course) is an "Authorization Decision Assertion", where that name precisely captures the intent of the structure. In particular we observed as part of that discussion that the single word "authorization" by itself can mean so many different things that it has to be qualified to be useful. The text of core-20, in section 1, uses the term "Authorization Decision Assertion", and section 1.5 has this phrase as its title. However, the actual name of the element, as specified in section 1.5 and elsewhere, is "AuthorizationStatement". And, the name of the corresponding query element, as specified in section 2.5, is "AuthorizationQuery". It seems to me that these names are misleading and should be changed. This is especially true since a likely user of our statement structures is the XACML work, which (though I haven't followed it) is supposedly about managing and expressing authorization information. So, I strongly suggest that these elements be renamed "AuthorizationDecisionStatement" and "AuthorizationDecisionQuery" and that the corresponding types be similarly renamed. - RL "Bob"
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC