[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xacml] WSPL - XACML gap analysis
On 11 March, Tim Moses writes: [xacml] WSPL - XACML gap analysis > Colleagues - Here is an initial stab at a gap analysis. I compare XACML > v1.0 with the requirements listed here ... > > http://lists.oasis-open.org/archives/xacml/200303/msg00014.html > > Category 1 (Satisfied and adequately explained in XACML v1.0): R1, R4, R5, > R6, R7, R13, R14, R15, R16. > > Category 2 (Satisfied in XACML v1.0, but fuller explanation required): R2, > R3, R8 (use <Target> element), R11. > > Category 3 (Needs features not found in XACML v1.0): > > R9 - WSS-QoP describes how to reference policy from WSDL and SOAP. > R10 - Needs the reintroduction of orderedOr and orderedAnd functions with an > explanation of their semantics. > R12 - Needs a way to reference the result of an operation. > > R2 and R3, I think, are the most substantial pieces of work. > > Any comments? All the best. Tim. Tim, once again, thanks for doing this work. I agree that R2 and R3 are the most substantial pieces of work. For R4 and R6, we MAY need to add data-types and associated functions specific to DSIG/DENC info (ways to compare cryptographic algorithm specifications along with their parameters). Are there other types of information that will be common in crypto-security policy, authentication policy, reliable-messaging policy, or transaction policy for which it would be helpful to specify new data types and operations? Anne -- Anne H. Anderson Email: Anne.Anderson@Sun.COM Sun Microsystems Laboratories 1 Network Drive,UBUR02-311 Tel: 781/442-0928 Burlington, MA 01803-0902 USA Fax: 781/442-1692 ---------------------------------------------------------------- To subscribe or unsubscribe from this elist use the subscription manager: <http://lists.oasis-open.org/ob/adm.pl>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]