[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [xacml] another small time/date issue
It may. But do we really want to specify exactly how it is done without unduly restricting architecture of implementations? I thought it would be beneficial for an authorization language standard to stay out of data flow management and operational behavior as much as possible. We specify how to deal with attributes that are explicitly provided in a request, but anything concerning PIP sources of information was intentionally left undefined, as far as I remember. Daniel. -----Original Message----- From: Anne Anderson - Sun Microsystems [mailto:Anne.Anderson@sun.com] Sent: Tuesday, August 12, 2003 5:36 PM To: Daniel Engovatov; Seth Proctor Cc: xacml@lists.oasis-open.org; Polar Humenn Subject: RE: [xacml] another small time/date issue Won't the initial Request go to a single PDP? And that PDP might invoke others to evaluate sub-policies? If that is the case, then the initial PDP could add its concept of "current-time/date/dateTime" to the Request context that it sends to any other PDP for subordinate evaluation. -Anne
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]