[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [security-services] "AuthorizationQuery" and"AuthorizationStatement" are *still* misleading names
I agree that we should change the names as you suggest. (I have a feeling
that many smallish issues that are being sent to the list are not getting
catalogued regularly, which is worrying... What can we do about this?)
Eve
At 01:09 AM 12/18/01 -0800, RL 'Bob' Morgan wrote:
>I sent the message below a couple of weeks ago. There hasn't been any
>discussion, and core-21 still uses the same old names for these elements,
>which I continue to claim are likely to cause tremendous confusion going
>forward. I guess at this point I may need to make a formal motion
>regarding this change. If folks are worried about the resulting names
>being too long, I'm sure we can find a shorter form like "AuthzDecsnQuery"
>if needed.
>
> - RL "Bob"
>
>---------- Forwarded message ----------
>Date: Fri, 23 Nov 2001 15:46:56 -0800 (PST)
>From: RL 'Bob' Morgan <rlmorgan@washington.edu>
>To: OASIS Security Services TC <security-services@lists.oasis-open.org>
>Subject: [security-services] "AuthorizationQuery" and
> "AuthorizationStatement" are misleading names
>
>
>Early in the process of this committee we decided, after much contention
>and explanation and careful thought about concepts and terminology, that
>one of our three assertions (now statements, of course) is an
>"Authorization Decision Assertion", where that name precisely captures the
>intent of the structure. In particular we observed as part of that
>discussion that the single word "authorization" by itself can mean so
>many different things that it has to be qualified to be useful. The text
>of core-20, in section 1, uses the term "Authorization Decision
>Assertion", and section 1.5 has this phrase as its title.
>
>However, the actual name of the element, as specified in section 1.5 and
>elsewhere, is "AuthorizationStatement". And, the name of the
>corresponding query element, as specified in section 2.5, is
>"AuthorizationQuery". It seems to me that these names are misleading and
>should be changed. This is especially true since a likely user of our
>statement structures is the XACML work, which (though I haven't followed
>it) is supposedly about managing and expressing authorization information.
>
>So, I strongly suggest that these elements be renamed
>"AuthorizationDecisionStatement" and "AuthorizationDecisionQuery" and that
>the corresponding types be similarly renamed.
>
> - RL "Bob"
>
>
>
>----------------------------------------------------------------
>To subscribe or unsubscribe from this elist use the subscription
>manager: <http://lists.oasis-open.org/ob/adm.pl>
--
Eve Maler +1 781 442 3190
Sun Microsystems XML Technology Center eve.maler @ sun.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC