[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xacml] Minutes for 19 November 2009 TC Meeting
Subsequent to the minutes Rich.Levinson wrote: > > Proposed schema change for policies and discussion from > David Chadwick and response from Erik: > http://lists.oasis-open.org/archives/xacml/200911/msg00023.html > > Erik: David proposed req ctx schema for ext pts xml any, where > can put proprietary policy lang things; doesn't make sense > to std on any policies in fmt; suggest using saml/xacml > mechanism > Rich: sees it as potentially disruptive, effectively allowing > elements as children of PolicySet > Bill: proprietary elements don't make sense; need further info > to be considered; > > defer topic until more info from David addressing concerns > in email and minutes > It makes sense because we cannot assume that every PDP talks the XACML policy language. However, it is possible to make every PDP talk the XACML request/response context. Once we have sticky policies and obligations which we pass around a distributed system we need to be able to cater for multiple policy languages. If you see my presentation at W3C yesterday at http://www.w3.org/2009/policy-ws/slides/Chadwick.pdf and look at slide 5 from 11, you will see why we need to relax the schema requirements on the policy element in the SAML-XACML profile, otherwise we have no standard way of passing a sticky policy to an AIPEP or Master PDP. regards David ***************************************************************** David W. Chadwick, BSc PhD Professor of Information Systems Security The Computing Laboratory, University of Kent, Canterbury, CT2 7NF Skype Name: davidwchadwick Tel: +44 1227 82 3221 Fax +44 1227 762 811 Mobile: +44 77 96 44 7184 Email: D.W.Chadwick@kent.ac.uk Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html Research Web site: http://www.cs.kent.ac.uk/research/groups/iss/index.html Entrust key validation string: MLJ9-DU5T-HV8J PGP Key ID is 0xBC238DE5 *****************************************************************
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]