OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [xacml] Minutes for 19 November 2009 TC Meeting

Subsequent to the minutes

Rich.Levinson wrote:

> 
> Proposed schema change for policies and discussion from
>  David Chadwick and response from Erik:
>   http://lists.oasis-open.org/archives/xacml/200911/msg00023.html
> 
>    Erik: David proposed req ctx schema for ext pts xml any, where
>     can put proprietary policy lang things; doesn't make sense
>     to std on any policies in fmt; suggest using saml/xacml
>     mechanism
>    Rich: sees it as potentially disruptive, effectively allowing
>     elements as children of PolicySet
>    Bill: proprietary elements don't make sense; need further info
>     to be considered;
> 
>     defer topic until more info from David addressing concerns
>      in email and minutes
> 

It makes sense because we cannot assume that every PDP talks the XACML 
policy language. However, it is possible to make every PDP talk the 
XACML request/response context. Once we have sticky policies and 
obligations which we pass around a distributed system we need to be able 
to cater for multiple policy languages. If you see my presentation at 
W3C yesterday at

http://www.w3.org/2009/policy-ws/slides/Chadwick.pdf

and look at slide 5 from 11, you will see why we need to relax the 
schema requirements on the policy element in the SAML-XACML profile, 
otherwise we have no standard way of passing a sticky policy to an AIPEP 
or Master PDP.

regards

David




*****************************************************************
David W. Chadwick, BSc PhD
Professor of Information Systems Security
The Computing Laboratory, University of Kent, Canterbury, CT2 7NF
Skype Name: davidwchadwick
Tel: +44 1227 82 3221
Fax +44 1227 762 811
Mobile: +44 77 96 44 7184
Email: D.W.Chadwick@kent.ac.uk
Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html
Research Web site: http://www.cs.kent.ac.uk/research/groups/iss/index.html
Entrust key validation string: MLJ9-DU5T-HV8J
PGP Key ID is 0xBC238DE5

*****************************************************************

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]