[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [xacml] Observation on "context"
On 30 May, Tim Moses writes: [xacml] Observation on "context" > For instance, we could define a name tree that includes: > > xacml/context/input/principal/codeSigner/name > > to indicate the name of the code-signer principal in the input context. > This idea doesn't conflict with the excellent idea of a "context". It > merely gets away from thinking of it as an XML document. You could think of > it as equivalent to an XML document in which attributes are not allowed, if > you like. I think the problem here is that XACML would need to define a "standard" set of names like "codeSigner", "requestingUser", "executingMachine", "delegatingUser", etc. By using an XML attribute, XACML can define a default "requestingUser" value, and let others be URLs that specific user communities define. Anne -- Anne H. Anderson Email: Anne.Anderson@Sun.COM Sun Microsystems Laboratories 1 Network Drive,UBUR02-311 Tel: 781/442-0928 Burlington, MA 01803-0902 USA Fax: 781/442-1692
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC