OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [xacml] Example of dag and forest used to manage collection of resources for comparison




Bottom line: again as I see it, this is the problem with the person who was the xacml-commenter referenced in earlier emails who was seeking advice, presumbably guided by the spec in its current form to dismantle their URIs. To me, this appears as if they are basically destroying information that they had already established as a sunk cost, and constraining themselves to work within the more limited framework that the lesser information provides.


This assumption is incorrect.  There is no need to construct any URI in the first place.

This whole overly complicated example demonstrates that XACML should not be involved in any form of resource ontology management.  It is based on wrong and completely unjustified assumption about what hierarchy means for the purpose of policy evaluation.     From the point of view of PDP, there is only one hierarchy.  There is only one "customer" at a time.  All we need to do is to specify is a protocol to transmit this information to PDP.    That is completely sufficient.   DAG accomplishes that.   Everything else is completely extraneous, not needed, and none of our business.    We should clarify the existing specification about the use of opaque unique identifiers, remove any references to URI's for the non-XML case, and leave it at that.  It works, and works correctly.

Daniel;




[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]