[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Changelog for CS ballot
All, Here is the change log since the first public review: All,
Here are all the changes we have made in the specs since the previous public review: Cross references across the specs have been updated in all specs as well the copyright date. xacml-3.0-core-spec and the core schema: • Fix typos in examples. • Fix typos in schema fragments. • Clarified glossary definition of “obligation” it also mentions that obligations can occur in rules. • Clarified glossary definitions of “policy”, “rule” and “policy set” so they mention that they can contain advice (and obligations for rules). • Updated reference to XML spec to fifth edition. • Clarified introductory section (2.3) to combining algorithms. • Improved consistency in text regarding obligation/advice vs obligation/advice expressions. • Improved consistency in text about that advice/obligations can occur in rules. • Correct errors in the example policies and requests. • Misc improvements in wording and correction of typos in various places (no substantive changes). • Corrected definition of elements <Rule>, <Policy> and <PolicySet> so they correctly reference obligation and advice expressions. • Made a reference to PEP bias from definition of <PolicySet>, instead of incorrectly mandating a “Deny” in the PEP in case of obligation failure. • Allow <AttributeAssignmentExpression> to evaluate to a bag. • Removed redundant occurrence indicators from the RequestType schema definition. • Removed note about XPath 2.0 expert review. • Clarified error behavior of advice/obligations. • Added AdviceId as part of the extensibility list in section 8.1. • Renamed functions uri-starts-with to anyURI-starts-with, uri-ends-with to anyURI-ends-with, uri-contains to anyURI-contains and uri-substring to anyURI-substring • Fixed typos which referenced non-existing data types urn:…:xacml:…*duration. • Reversed the arguments of the string-starts-with, string-ends-with, string-contains, anyURI-starts-with, anyURI-ends-with and anyURI-contains functions. • Clarified error behavior of the string-substring and anyURI-substring functions. • Generalized the xpath-node-match function so it can select any XML node type. • Removed the obsolete attribute id urn:oasis:names:tc:xacml:1.0:resource:xpath • Make it clear that an attribute selector may select an element node. • Fixed formatting of OASIS spec references so they correspond to the OASIS template. • Added an optional “offset” to <AttributeSelector> in the form of the ContextSelectorId XML attribute. • Improved and moved text about the <AttributeSelector>. • Simplified the schema of <PolicyIdentifierList> • Removed text which says that the XACML conformance tests are hosted on the Sun website. • Added references to sections 5, 6, 7, A, B and C in conformance section. • Made the evaluation context of xpaths better specified. • Make text about multiple arguments in the multiply functions more consistent. • Generalized the any-of, all-of, any-of-any and map functions to functions with more arguments. • Removed an unnecessary reference to SAML in section B.4. (Authentication credentials can come from other sources as well in general, so the reference to SAML was too restrictive.) • Updated Acknowledgements. • Restrict <Content> to a single child element. • Replace the EntireHierarchy multiple decision combining mechanism with a more restricted scheme controlled by the CombinedDecision XML attribute in the <Request> element. • Fixed errors in the reference section. • Updated cross references to the profiles. • Removed reference to “leaf” nodes in section 7.3.2 since this was unnecessary restriction. • Removed statement in section B.4 which said that the subject-id is a string by default. xacml-3.0-administration-v1-spec: • Updated Acknowledgements. • Fixed formatting of OASIS spec references so they correspond to the OASIS template. • Fix typos. • Fix errors in examples. xacml-3.0-dsig-v1-spec: • Updated Acknowledgements. • Fixed formatting of OASIS spec references so they correspond to the OASIS template. • Fixed a broken bookmark in a reference. xacml-3.0-hierarchical-v1-spec: • Updated Acknowledgements. • Fixed formatting of OASIS spec references so they correspond to the OASIS template. • Fixed typos. • Fix 2.0 -> 3.0 typos in some identifiers. • Improved formatting conventions. • Updated reference to RFC 3986 (was RFC 2396). • Clarified meaning of the profile identifiers (they are only metadata about the functionality). • Improved the URI scheme with XML node pointers. • Use content-selector instead of resource-id for the XML/XPath scheme. • Don’t specify the “ancestor attributes” in the XML/XPath scheme. xacml-3.0-multiple-v1-spec: • Updated Acknowledgements. • Fixed formatting of OASIS spec references so they correspond to the OASIS template. • Changed name to “Multiple Decision Profile” • Improved abstract. • Updated all text to talk about “multiple decisions” instead of “multiple resources” • The XML/XPath scheme uses now the content-selector and multiple:content-selector attributes instead of resource-id. This also generalizes the XML scheme to other categories than the resource. • Clarified meaning of the profile identifiers (they are only metadata about the functionality). • Separate the “ancestor scheme” and the XML scheme from each other, that is, don’t use the ancestor attributes for the XML scheme. • Reworded some text to make it clearer. • Drop the “EntireHierarchy” scope in favor of the new CombinedDecision XML attribute of the <Request> element. • Added a new section which specifies the overall order of processing of the various schemes. • Drop the XPathExpression scope in favor of the new multiple:content-selector attribute. • Rename some of the schemes and the associated metadata identifiers. xacml-3.0-privacy-v1-spec: • Updated Acknowledgements. • Fixed formatting of OASIS spec references so they correspond to the OASIS template. • Fixed formatting issues. • Fixed errors in the XML fragment. xacml-3.0-rbac-v1-spec: • Updated Acknowledgements. • Fixed formatting of OASIS spec references so they correspond to the OASIS template. • Clarified that a permission policy set may contain policy sets. • Fixed formatting issues. • Fixed errors in examples. xacml-profile-saml2.0-v2-spec: • Updated Acknowledgements. • Fixed formatting of OASIS spec references so they correspond to the OASIS template. • Added an extension point to the AuthZ query schema. • Fix formatting issues. • Removed a reference to a non-existing section. In addition to the above, in all schema files: • Fixed schema import cross reference URLs • Fixed OASIS copyright Best regards, Erik |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]