[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [xacml] [CR 144] harmrul to interoperability
In section 2.3 "Combining Algorithms", the last paragraph says, "Users of the standard may, if necessary, defined their own combining algorithms. However this approach is harmful to interoperability..." How is this harmful to interoperability? Don't you mean "portability" of policies from one XACML evaluation engine, e.g. a PDP, to another? Also, saying that "users should specify how the combined result is to be derived from separate evaluation of the individual <Rule> or <Policy> statements", is not needed. It's like telling somebody that they *should* document their code. Although it is a notably good practice and should be encouraged, it is kind of insulting to XACML spec readers that would or already do so. I would be in favor of a statement that is more focused on the standard and not its "user" in this regard. I think what we are after here, is just a statement that rule and policy combining algorithms are an XACML extensibility point. I request to change the entire paragraph to: As one of the XACML extensibility points, XACML may be extended with alternate rule and policy combining algorithms.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC