[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xacml] Re: [xacml-demo-tech] Meta data
I think the meta-data should not be tied to SAML, but should be designed in such a way that it can be inserted into the SAML protocol. For example, you could use the SAML schema for the contents, or something like that. Anne Bill Parducci wrote: > It is an interesting idea-particularly since the SAML meta schema is so > rich--but it does require that the PDP be tied to SAML. Early on in the > TC the thinking was that XACML needs to maintain its independence re: > implementation. Do we still feel that way? > > b > > On May 15, 2007, at 7:00 AM, Anne Anderson - Sun Microsystems wrote: > >> Bill, >> >> I wonder if it makes sense to implement your PDP metadata as part of >> the SAML metadata? The metadata has to be conveyed to clients >> somehow anyway, so implementing it as part of an existing protocol >> makes some sense. >> >> The current proposal in the (in progress) SAML Profile Version 2.0 >> Working Draft 3 is to implement >> a) XACMLPDPDescriptor having standard SAML 2.0 metadata compliant PDP >> info. >> b) XACMLPDPConfig holding extended PDP information. This might be >> where the attribute timing, XACML version, Obligation support, etc. >> should go. >> c) XACMLAuthzDecisionQueryDescriptor - PEP endpoint info >> d) XACMLAuthzDecisionQueryConfig - extended PEP information. >> >> See Issue#74 in the Issues list:http://wiki.oasis-open.org/xacml/ >> IssuesList >> >> Anne >> >> Bill Parducci wrote: >> >>> I am going to give emailing to this list one more shot ;) >>> It would be helpful if the interop participants could keep their >>> eyes open for implementation attributes that are key/useful for >>> establishing interoperability. Where it makes since I would like to >>> incorporate these into the PDP meta schema. >>> I am currently working on meta info re: Attribute calculation, >>> XACML version and Obligation support. >>> thanks >>> b >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: xacml-demo-tech-unsubscribe@lists.oasis- >>> open.org >>> For additional commands, e-mail: xacml-demo-tech-help@lists.oasis- >>> open.org >> >> >> -- >> Anne H. Anderson Email: Anne.Anderson@Sun.COM >> Sun Microsystems Laboratories >> 1 Network Drive,UBUR02-311 Tel: 781/442-0928 >> Burlington, MA 01803-0902 USA Fax: 781/442-1692 > > -- Anne H. Anderson Email: Anne.Anderson@Sun.COM Sun Microsystems Laboratories 1 Network Drive,UBUR02-311 Tel: 781/442-0928 Burlington, MA 01803-0902 USA Fax: 781/442-1692
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]