OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: A couple of quick comments on the obligation profile

Hi,
Here are some quick comments on the obligation profile. I haven't read it all in detail yet though. 

Steven already provided many good points.
- The XACML 2.0 examples are not valid according to the XACML 2.0 schema. You cannot use dynamic obligation content like this in 2.0:
<AttributeAssignment AttributeId="[HOP]:hl7:record-id" DataType="[XML]#String"> <ResourceAttributeDesignator AttributeId="[XACML1]:resource:resource-id" DataType="[XML]#string" /> 
    </AttributeAssignment>
I would suggest you target the profile for 3.0 rather than trying to retrofit this on 2.0 PDPs.
- There should be discussion on error conditions because it's possible to define inconsistent obligations, like A must go before B and B must go before A. 

Best regards,
Erik

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]