OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [xacml-comment] What is "URI equality" ?


Hi Steven,

"URI equality" is defined in the URI specification RFC 3986:
  "Uniform Resource Identifier (URI): Generic Syntax"
  http://tools.ietf.org/html/rfc3986
which in section 6, goes into detail as to what is involved:
  http://tools.ietf.org/html/rfc3986#section-6

The bottom line is that there is no accepted unambiguous way
to determine absolutely that 2 URIs are "equal", and the
objective has been reduced to:
"Therefore, comparison methods are designed to
 minimize false negatives
 while strictly avoiding false positives. "
http://tools.ietf.org/html/rfc3986#section-6.1
In other words (I interpret this to mean),
  • a determination of "equivalent" should, in general,
    be considered to be "accepted as absolutely true",
  • while a determination of "non-equivalent" should,
    in general, be considered to be accepted as "true",
    but, with the qualification that further investigation
    may under some circumstances find that the result
    may be "equivalent" when those additional
    circumstances are included in the evaluation.
Note that the core spec refers to the August 1998 version:
  "Uniform Resource Identifiers (URI): Generic Syntax"
  http://tools.ietf.org/html/rfc2396
which elaborates less on this issue but does say in section 6:
"In general, the rules for equivalence
 and definition of a normal form, if any,
 are scheme dependent."
-> XACML 3.0 core spec should be updated to refer to RFC3986,
which has "obsoleted" RFC2396.

    Thanks,
    Rich


On 10/25/2011 7:36 PM, Steven Legg wrote:

Sections 5.29 and 7.3.4 of the Committee Specification 1 XACMLv3 core
specification define the matching of Category, AttributeId and DataType
XML attributes according to "URI equality". I've always assumed that
URI equality was the same as the matching performed by the
urn:oasis:names:tc:xacml:1.0:function:anyURI-equal function, but I can't
find anything in the specification to justify that assumption since
"URI equality" is not defined anywhere. It would help if the specification
clarified what "URI equality" actually means.

Similarly, there is also a reference to undefined "string equality"
matching in section 5.24.

Regards,
Steven



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]