[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [xacml] Minutes of 20 May 2004 XACML Focus Group
I actually think that "being named in only one way" should be out of our scope. That is a rather heavy requirement to impose on a system, one that requires users to come up with mapping. In the same time, it does not buy You much more in terms of expressiveness for the hierarchical policy. It seems a little bit ambitious to try to define a universal naming scheme, especially when it is not generally needed: for interoperability it is no harder to use some particular naming convention for hierarchy, - one has to use "some" naming convention in any new system anyway. I would think imposing some mandatory format for the identifier is, how would they say - "unduly burdensome" :) Daniel. -----Original Message----- From: Anne Anderson [mailto:Anne.Anderson@Sun.COM] Sent: Friday, May 21, 2004 6:22 AM To: Daniel Engovatov Cc: XACML TC Subject: RE: [xacml] Minutes of 20 May 2004 XACML Focus Group If you want to name your resources in a way other than the std URI syntax, all you have to do is write a simple Profile describing how your resources are named. This could be an XACML TC Profile or it could be a Profile used only by BEA for BEA resources. The important thing is for any given resource type to be identified in only one way. Otherwise, policies might be written against the resource assuming one naming scheme, but the Request might come in using another naming scheme, and then the policy will not apply (when it should). Anne
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]