OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: wd-20 issues (mostly typos)

7.19.3 Missing attributes
	"If, in this case, and a status code is supplied, then the value"
- Remove "and".


A.2 Data-types
	"XPath expression
	The "urn:oasis:names:tc:xacml:3.0:data-type:xpathExpression" primitive type represents an XPath expression selects over the XML in a <Content> element."
- Remove "selects"?


A.3.10 Bag functions
	"urn:oasis:names:tc:xacml:x.x:function:type-one-and-only
	This function SHALL take a bag of 'type' values as an argument and SHALL return a value of '-type'."
- "'-type'" should be "'type'".

	"urn:oasis:names:tc:xacml:x.x:function:type-is-in
	This function SHALL take an argument of 'type' as the first argument and a bag of type values"
- Second "type" should be "'type'".


A.3.12 Higher-order bag functions
	"urn:oasis:names:tc:xacml:1.0:function:all-of
	This function applies a Boolean function between a specific primitive values"
- "values" should be "value"

	"urn:oasis:names:tc:xacml:1.0:function:all-of-any
	This function applies a Boolean function between the elements of two bags.  The expression SHALL be "True" if and only if the supplied predicate is 'True'"
- Last "True" should be wrapped in double quotes, not single.

	"urn:oasis:names:tc:xacml:1.0:function:any-of-all
	The expression SHALL be evaluated as if the "rn:oasis:names:tc:xacml:1.0:function:any-of""
- URI should start with "urn:", not "rn:"


B.4 Subject attributes
	"urn:oasis:names:tc:xacml:1.0:subject:authn-locality:ip-address
	The corresponding attribute SHALL be of data-type "http://www.w3.org/2001/XMLSchema#string";.
	
	urn:oasis:names:tc:xacml:1.0:subject:authn-locality:dns-name
	The corresponding attribute SHALL be of data-type "http://www.w3.org/2001/XMLSchema#string".";
- Why aren't these of types urn:oasis:names:tc:xacml:2.0:data-type:ipAddress and urn:oasis:names:tc:xacml:2.0:data-type:dnsName?


C.1 Extended Indeterminate values
	"The output of a combining algorithm which does not track the extended set of "Indeterminate" values MUST be treated as "Indeterminate{DP}""
- Only if the output is Indeterminate.


C.4 Permit-overrides
	"5.	Otherwise, if decision is "Deny", the result is "Deny"."
- "if decision" should be "if any decision".


C.6 Deny-unless-permit
	"The decisions may be processed in any order, so the set of obligations provided by this algorithm is not deterministic."
- And advice.


C.10 Legacy Deny-overrides
	"for( i=0 ; i < lengthOf(ruless) ; i++ )"
- "ruless" should be "rules"


Thanks,
Ray

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]