[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xacml] Another public comment on admin policy
Again, I don't quite understand this. Could you provide an example or elaborate? However, it is possible to do a lot with custom policy combining algorithms. I implemented my experimental delegation in XACML 1.1 using obligations and a custom policy combining algorithm. Best regards, Erik Anne Anderson wrote: > Erik? > > Regards, > Anne > > ------------------------------------------------------------------------ > > Subject: > [xacml-comment] Public Comment > From: > comment-form@oasis-open.org > Date: > Mon, 29 May 2006 12:22:35 +0000 > To: > xacml-comment@lists.oasis-open.org > > To: > xacml-comment@lists.oasis-open.org > > Return-path: > <xacml-comment-return-231-Anne.Anderson=sun.com@lists.oasis-open.org> > Received: > from sml-sfvt2a.sfvic.sunlabs.com ([152.70.2.220]) by > mail-srv.sfvic.sunlabs.com (Sun Java System Messaging Server 6.1 > HotFix 0.02 (built Aug 25 2004)) with ESMTP id > <0J01008ZH12AOX00@mail-srv.sfvic.sunlabs.com> for > aa74233@sml-sfvic-mail-swan.SFBay.Sun.COM; Mon, 29 May 2006 05:22:58 > -0700 (PDT) > Received: > from sfbaymail1sca.SFBay.Sun.COM ([129.145.154.35]) by > mail-swan.sfvic.sunlabs.com (Sun Java System Messaging Server 6.1 > HotFix 0.02 (built Aug 25 2004)) with ESMTP id > <0J0100GY312A8G00@mail-swan.sfvic.sunlabs.com> for > aa74233@sml-sfvic-mail-swan.SFBay.Sun.COM (ORCPT > Anne.Anderson@sun.com); Mon, 29 May 2006 05:22:58 -0700 (PDT) > Received: > from sunmail2.sfbay.sun.com (sunmail2.SFBay.Sun.COM [129.149.246.180]) > by sfbaymail1sca.SFBay.Sun.COM (8.12.10+Sun/8.12.10/ENSMAIL,v2.2) with > ESMTP id k4TCMwtx020565 for <anne.anderson@sfbay.sun.com>; Mon, 29 May > 2006 05:22:58 -0700 (PDT) > Received: > from nwk-avmta-1.SFBay.Sun.COM (nwk-avmta-1.SFBay.Sun.COM > [129.149.246.28]) by sunmail2.sfbay.sun.com > (8.11.7p1+Sun/8.11.7/ENSMAIL,v2.2) with ESMTP id k4TCMwu11651 for > <@sunmail2.sfbay.sun.com:Anne.Anderson@sun.com>; Mon, 29 May 2006 > 05:22:58 -0700 (PDT) > Received: > from pmxchannel-daemon.nwk-avmta-1.sfbay.Sun.COM by > nwk-avmta-1.sfbay.Sun.COM (Sun Java System Messaging Server 6.2 (built > Dec 2 2004)) id <0J0100L0N1270D00@nwk-avmta-1.sfbay.Sun.COM> for > Anne.Anderson@sun.com (ORCPT Anne.Anderson@sun.com); Mon, 29 May 2006 > 05:22:55 -0700 (PDT) > Received: > from brmea-mail-3.sun.com ([192.18.98.34]) by > nwk-avmta-1.sfbay.Sun.COM (Sun Java System Messaging Server 6.2 (built > Dec 2 2004)) with ESMTP id > <0J0100JES126HX50@nwk-avmta-1.sfbay.Sun.COM> for Anne.Anderson@sun.com > (ORCPT Anne.Anderson@sun.com); Mon, 29 May 2006 05:22:54 -0700 (PDT) > Received: > from relay21.sun.com (relay21.sun.com [192.12.251.14] (may be forged)) > by brmea-mail-3.sun.com (8.12.10/8.12.9) with ESMTP id k4TCMrfG000831 > for <Anne.Anderson@sun.com>; Mon, 29 May 2006 06:22:54 -0600 (MDT) > Received: > from mms26es.sun.com (mms26es.sun.com [150.143.232.114]) by > relay21.sun.com with ESMTP for Anne.Anderson@sun.com; Mon, 29 May 2006 > 12:22:53 +0000 (Z) > Received: > from relay23.sun.com (relay23.sun.com [192.12.251.54]) by > mms26es.sun.com with ESMTP for Anne.Anderson@sun.com; Mon, 29 May 2006 > 12:22:51 +0000 (Z) > Received: > from mail.oasis-open.org ([209.202.168.106] [209.202.168.106]) by > relay23.sun.com for Anne.Anderson@sun.com; Mon, 29 May 2006 12:22:51 > +0000 (Z) > Received: > (qmail 13849 invoked by uid 508); Mon, 29 May 2006 12:22:38 +0000 > Received: > (qmail 13840 invoked by uid 60881); Mon, 29 May 2006 12:22:38 +0000 > Sender: > xacml-comment-return-231-Anne.Anderson=sun.com@lists.oasis-open.org > Reply-To: > pog@itst.dk > Message-ID: > <20060529122235.22617.qmail@eos.oasis-open.org> > MIME-Version: > 1.0 > Content-type: > TEXT/PLAIN > Content-transfer-encoding: > 7BIT > Precedence: > bulk > Delivered-to: > mailing list xacml-comment@lists.oasis-open.org > Mailing-List: > contact xacml-comment-help@lists.oasis-open.org; run by ezmlm > X-PMX-Version: > 5.1.2.240295 > List-Post: > <mailto:xacml-comment@lists.oasis-open.org> > List-Subscribe: > <mailto:xacml-comment-subscribe@lists.oasis-open.org> > List-Unsubscribe: > <mailto:xacml-comment-unsubscribe@lists.oasis-open.org> > List-Help: > <mailto:xacml-comment-help@lists.oasis-open.org> > X-No-Archive: > yes > Original-recipient: > rfc822;Anne.Anderson@sun.com > > > Comment from: pog@itst.dk > > Name: Alt. Solution II > Title: IT-architect > Organization: ISK, ITST, MVTU > Regarding Specification: XACML v3.0 administrative policy > > A remark on page 9: Has there been any consideration on using XACML as is? > > Delegation is one policy reformulated into a policy set and split into two policies. > > The Policy-Combining algorithm is given the existence of the original policy as a prerequisite. > > The first of the new policies describes the rule constraining the relation between the original holder and new. > > The second of the new policies describes the rule constraining the relation between the new holder and the original resource. > > Kind Regards > Per-Olav Gramstad > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: xacml-comment-unsubscribe@lists.oasis-open.org > For additional commands, e-mail: xacml-comment-help@lists.oasis-open.org > > > > ------------------------------------------------------------------------ > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. You may a link to this group and all your TCs in OASIS > at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]