OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: [xacml] [Text change] CR#0149: Environment attributes

This is in response to may action item to reword the SPECIFIC
RESOLUTION for this Change Request to fit into Section 7 as a new
sub-heading.

1) Add following new Section to 7.9

   7.9.1 Environment Attributes

   The implementation MUST support the environment attributes
   defined in Section 10.3.5.  If a value for one of these
   attributes is supplied in the original Request, then the PDP
   SHALL use that value.  Otherwise, the PDP SHALL supply a
   value.  For the date and time attributes, the supplied value
   SHALL have the semantics of "date and time that apply to the
   Request".

   7.9.2 Subject Attributes

   The implementation MUST support the
   "urn:oasis:names:tc:xacml:1.0:subject:subject-category"
   subject attribute defined in Section 10.3.5.  For each
   <Subject> element in the original Request, if a value for this
   attribute is supplied, then the PDP SHALL use that value.
   Otherwise, the PDP SHALL supply the default value
   "urn:oasis:names:tc:xacml:1.0:subject-category:access-subject".
   If there is more than one subject-category attribute supplied
   in the original Request for any given <Subject> element, then
   the original Request is invalid.

2) 10.3.5 Attributes, append following at end of table of attribute
   identifiers:

     urn:oasis:names:tc:xacml:1.0:subject:subject-category      M

3) 10.3.6 Identifiers, first paragraph, following
   "...since the semantics of the attributes are transparent to
   the PDP", delete the following sentence:

    The attribute
    "urn:oasis:names:tc:xacml:1.0:subject:subject-category" MUST be
    supported, since it is implicit with a value of
    "urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"
    if no other subject-category attribute value is specified.

Anne

-- 
Anne H. Anderson             Email: Anne.Anderson@Sun.COM
Sun Microsystems Laboratories
1 Network Drive,UBUR02-311     Tel: 781/442-0928
Burlington, MA 01803-0902 USA  Fax: 781/442-1692

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC