OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: [xacml] Take 3: normative elements,identifiers,algorithms and whethermandatory


[This time, attachment and corrected hyphenation for
subject-category included]

Attached is a list of all schema elements (16f.xsd), identifiers,
and algorithms.  Within each list, items are in alphabetical
order.  Each item is labelled "M" or " ", meaning "Mandatory to
implement" or "normative, but not mandatory to implement",
respectively.  The list of identifiers includes Michiharu's
additions.

Questions:
1. Should the following elements in the policy schema be mandatory?
   ?  xacml          AbstractDefaults  (abstract)
   ?  xacml          PolicyDefaults
   ?  xacml          PolicySetDefaults

2. Should we include xs: datatypes that we require to be
   supported, or do we assume all of them are mandatory?

3. Does flagging an attribute identifier as
   mandatory-to-implement mean that the corresponding attribute
   is mandatory-to-implement?  (I assume yes)

Please let me know if these are correct.  Tim, if you would like
to have these labelled by the section number in version 15 of the
spec, let me know.

Anne
-- 
Anne H. Anderson             Email: Anne.Anderson@Sun.COM
Sun Microsystems Laboratories
1 Network Drive,UBUR02-311     Tel: 781/442-0928
Burlington, MA 01803-0902 USA  Fax: 781/442-1692

Title:   List of Normative XACML schema elements, identifiers, algorithms
Author:  Anne Anderson
Version: 1.5, 02/08/14 (yy/mm/dd)
Source:  /net/labeast.east/files2/east/info/projects/isrg/xacml/docs/SCCS/s.mandatory.txt

M means mandatory-to-implement

Schema Elements
==============================================
?  xacml          AbstractDefaults  (abstract)
M  xacml          Action
M  xacml          ActionAttributeDesignator
M  xacml          ActionMatch
M  xacml          Actions
M  xacml          AnyAction
M  xacml          AnyResource
M  xacml          AnySubject
M  xacml          Apply
   xacml          AttributeAssignment
   xacml          AttributeSelector
M  xacml          AttributeValue
M  xacml          Condition
M  xacml          Description
M  xacml          EnvironmentAttributeDesignator
   xacml          Obligation
   xacml          Obligations
M  xacml          Policy
?  xacml          PolicyDefaults
M  xacml          PolicyId
M  xacml          PolicySet
?  xacml          PolicySetDefaults
M  xacml          PolicySetId
M  xacml          Resource
M  xacml          ResourceAttributeDesignator
M  xacml          ResourceMatch
M  xacml          Resources
M  xacml          Rule
M  xacml          Subject
M  xacml          SubjectAttributeDesignator
M  xacml          SubjectAttributeDesignatorWhere
M  xacml          SubjectMatch
M  xacml          Subjects
M  xacml          Target
   xacml          XPathVersion
M  xacml-context  Action
M  xacml-context  Attribute
M  xacml-context  AttributeValue
M  xacml-context  Decision
M  xacml-context  Environment
   xacml-context  Obligations
M  xacml-context  Request
M  xacml-context  Resource
   xacml-context  ResourceContent
M  xacml-context  Response
M  xacml-context  Result
   xacml-context  Status
   xacml-context  StatusCode
   xacml-context  StatusDetail
   xacml-context  StatusMessage
M  xacml-context  Subject

Algorithms
==========
M  Deny-Overrides
M  First-Applicable
M  Permit-Overrides

Identifiers
===========
M  urn:oasis:names:tc:xacml:1.0
M  urn:oasis:names:tc:xacml:1.0:auth-locality:dns-name
   urn:oasis:names:tc:xacml:1.0:auth-locality:ip-address
M  urn:oasis:names:tc:xacml:1.0:conformance-test
M  urn:oasis:names:tc:xacml:1.0:context
M  urn:oasis:names:tc:xacml:1.0:datatype:numeric
M  urn:oasis:names:tc:xacml:1.0:datatype:rfc822name
M  urn:oasis:names:tc:xacml:1.0:datatype:ufs-path
M  urn:oasis:names:tc:xacml:1.0:datatype:x500name
M  urn:oasis:names:tc:xacml:1.0:environment:current-time
   urn:oasis:names:tc:xacml:1.0:example:action
   urn:oasis:names:tc:xacml:1.0:example:action:read
   urn:oasis:names:tc:xacml:1.0:example:action:xml-ac
   urn:oasis:names:tc:xacml:1.0:example:attribute
   urn:oasis:names:tc:xacml:1.0:example:attribute:group
   urn:oasis:names:tc:xacml:1.0:example:attribute:role
M  urn:oasis:names:tc:xacml:1.0:function
M  urn:oasis:names:tc:xacml:1.0:policy
M  urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:deny-overrides
M  urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:first-applicable
M  urn:oasis:names:tc:xacml:1.0:policy-combining-algorithm:permit-overrides
M  urn:oasis:names:tc:xacml:1.0:resource:resource-location
M  urn:oasis:names:tc:xacml:1.0:resource:resource-uri
M  urn:oasis:names:tc:xacml:1.0:resource:simple-file-name
   urn:oasis:names:tc:xacml:1.0:resource:xpath
M  urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides
M  urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:first-applicable
M  urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:permit-overrides
   urn:oasis:names:tc:xacml:1.0:status:missing-attribute
   urn:oasis:names:tc:xacml:1.0:status:ok
   urn:oasis:names:tc:xacml:1.0:status:processing-error
   urn:oasis:names:tc:xacml:1.0:status:syntax-error
M  urn:oasis:names:tc:xacml:1.0:subject:authentication-method
M  urn:oasis:names:tc:xacml:1.0:subject:authentication-time
M  urn:oasis:names:tc:xacml:1.0:subject:key-info
M  urn:oasis:names:tc:xacml:1.0:subject:request-time
M  urn:oasis:names:tc:xacml:1.0:subject:session-start-time
M  urn:oasis:names:tc:xacml:1.0:subject:subject-category
M  urn:oasis:names:tc:xacml:1.0:subject:subject-id
M  urn:oasis:names:tc:xacml:1.0:subject:subject-id-qualifier
M  urn:oasis:names:tc:xacml:1.0:subject-category:access-subject
   urn:oasis:names:tc:xacml:1.0:subject-category:codebase
   urn:oasis:names:tc:xacml:1.0:subject-category:intermediary-subject
   urn:oasis:names:tc:xacml:1.0:subject-category:recipient-subject
   urn:oasis:names:tc:xacml:1.0:subject-category:requesting-machine
M  xs:Gregorian
   xs:dayTimeDuration
   xs:yearMonthDuration


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Powered by eList eXpress LLC