[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Obligation Proposal
I like the proposal for Obligation Families. I am not sure I completely understand it though. It is my understanding that a family represents a particular combination of combining behaviors is that correct? I think any given Obligation has to be a member of exactly one family, correct? >There are a number of open questions still remaining. Two that come to mind >now are: >1. How are families in turn related to each other? I am not sure I understand the question. It seems to me that combining has to occur within each family. The results of combining each family are aggregated. In other words Families are Repetitive with respect to each other. >2. I didn't use URI for identifying the family types. The type is clear from the xsi:type xml attribute, but using names for identifiers is not used much in XACML, so I am not sure if people like that. :) I prefer consistency, but I don't feel too strongly. What would it look like with a URI? >And, as I wrote earlier, the use cases get more complex with delegation. I had forgotten we agreed to carry obligations in Admin policies which are applied to the access decision. Do we have motivating use cases for this functionality? I am not really sure how it would be used. I agree that things will get quite complex. Hal
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]