OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: [xacml] Proposed minOccurs and maxOccurs changes

I propose that the "occurs" requirements on the following
elements (from v0.13b.xsd) be changed.  Note that the default for
both minOccurs and maxOccurs is "1".

PolicySetStatementType element <policySet>
  Now: maxOccurs="unbounded"
  Proposed: default
  Why: a <policySet> can contain multiple policy statements or
     policy set statements, but why should a single
     PolicySetStatement contain more than one <policySet>?  Same
     argument applies to <ruleSet> in a policy statement.

PolicySetStatementType element <target>
  Now: default
  Proposed: minOccurs="0"
  Why: if PolicySetStatement applies to ALL targets, then it
     would be simpler to allow <target> to be omitted, and have
     missing <target> have the semantic "matches all targets".

PolicyStatementType element <target>
  Now: default
  Proposed: minOccurs="0"
  Why: if PolicyStatement applies to ALL targets, then it
     would be simpler to allow <target> to be omitted, and have
     missing <target> have the semantic "matches all targets".

PolicyStatementType element <ruleSet>
  Now: maxOccurs="unbounded"
  Proposed: default
  Why: a <ruleSet> can contain multiple rules, but why should a
     PolicyStatement contain more than one <ruleSet>?  There are
     no attributes or other information in a <ruleSet> that might
     be different from one collection to another.

TargetType element <subjects>
  Now: default
  Proposed: minOccurs="0"
  Why: if the <target> applies to ALL subjects, it would be
     simpler to allow <subjects> to be omitted, and have missing
     <subjects> have the semantic "matches all subjects".  Note
     that SubjectsType currently requires at least one Attribute,
     so there is currently no way to omit all subjects.

TargetType element <resources>
  Now: default
  Proposed: minOccurs="0"
  Why: if the <target> applies to ALL resources, it would be
     simpler to allow <resources> to be omitted, and have missing
     <resources> have the semantic "matches all resources".  Note
     that ResourcesType currently requires at least one
     Attribute, so there is currently no way to omit all
     resources.

TargetType element <actions>
  Now: default
  Proposed: minOccurs="0"
  Why: if the <target> applies to ALL actions, it would be
     simpler to allow <actions> to be omitted, and have missing
     <actions> have the semantic "matches all actions".  Note
     that ActionsType currently requires at least one Action, so
     there is currently no way to omit all actions.

Anne
-- 
Anne H. Anderson             Email: Anne.Anderson@Sun.COM
Sun Microsystems Laboratories
1 Network Drive,UBUR02-311     Tel: 781/442-0928
Burlington, MA 01803-0902 USA  Fax: 781/442-1692

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC