[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [xacml] PDP Inputs and Outputs
I have looked again at the charter. It says "Note that, aside from the XACML policy instance itself, all PDP inputs and outputs MUST be SAML-compliant (i.e., conform with the assertions and protocol messages defined in the SS-TC SAML specification), although other syntaxes/formats for the PDP input and output MAY be supported in addition to this."
I had been taking this to mean that the XACML policy language must be capable of accepting the inputs provided from SAML. I had not construed this to mean that XACML must be restricted to use just the format that SAML uses. For example, if SAML provides A and we support A or B or C this is ok.
I admit that I had mostly been thinking about user attributes as an input, where there is no real issue, since SAML attributes can use arbitrary schemas.
Hal
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC