[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [xacml] Transform specification in PolicyStatement
In my last XACML context proposal, I specified <Transform> element in the <PolicyStatement> to explicitly write the transformation rule in the policy. But I am wondering whether <Transform> specification should be specified within PolicyStatement or not. It might be nice to include such information in the policy, but second idea would be to define specification like <Transform> outside the XACML specification e.g. as PDP definition because XACML policy only refers to information defined in XACML Context, not original credential like SAML. Transformation also depends on PDP's functionality about what kind of credential PDP can understand. This implies that <Transform> is much closer to the PDP's functionality. The third idea is somewhat in-between, so it just specifies transform URI (not exact transformation specification or URL) in the <PolicyStatement>. Any thoughts? Best Michiharu Kudo IBM Tokyo Research Laboratory, Internet Technology Tel. +81 (46) 215-4642 Fax +81 (46) 273-7428
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC