[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [xacml] Groups - IPC WD-06 uploaded
|
My overall satisfaction with this spec has not risen over the last several working drafts, even though some technical details have been improved and clarified. I remain deeply suspicious about the utility of the attributes and attribute values defined herein, except for ip-owner, ip-agreement, and organizational-affiliation.
I don’t think there is a broad enough base of experience with real-world, complete XACML systems using non-trivial IPC policy sets. I do not think this spec will enable and encourage such implementations. It is far from clear what the best practices are
in this area, but by publishing this spec we would be claiming to have discovered and standardized some features of “best practices”. I’m not ready to do that. Would the Boeing reps consider putting this profile on hold for several months while they develop a production-track XACML system that exercises all the essential
features? (Bell has already implemented IPC policies using attributes that correspond to ip-owner, ip-agreement, and organizational-affiliation, which is why I am less suspicious of those.) If the TC wants to promote the profile substantially as it is, I would like my name to be removed from the editors list. There are also several technical glitches
in the examples, such as misspelled attribute ids, and attribute ids that were turned into attribute values by the latest WD. Section 3 should list all the identifiers defined by the profile, including attribute ids, URI-valued attribute values, and obligation
ids. Regards, --Paul From: xacml@lists.oasis-open.org [mailto:xacml@lists.oasis-open.org]
On Behalf Of John Tolbert Submitter's message
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]