OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [xacml] subject categories


First off, these Subject Categories have been in XACML since version 1.0.

 

There are actually 5. You missed “urn:oasis:names:tc:xacml:1.0:subject-category:codebase”.

 

Their semantics are defined in Appendix B, section B2.

 

Hal

 

From: Mohammad Jafari [mailto:mjafari@edmondsci.com]
Sent: Monday, July 22, 2013 11:09 PM
To: xacml@lists.oasis-open.org
Subject: [xacml] subject categories

 

Hello,

 

As we are trying to update the XSPA XACML profiles, one of the tasks is to support XACML version 3. I noticed that for “subject” attributes, there are now 4 different categories defined in the core. The mandatory category:

urn:oasis:names:tc:xacml:1.0:subject-category:access-subject

and the optional categories:

urn:oasis:names:tc:xacml:1.0:subject-category:recipient-subject

urn:oasis:names:tc:xacml:1.0:subject-category:intermediary-subject

urn:oasis:names:tc:xacml:1.0:subject-category:requesting-machine

 

But the core does not provide any definition or discussion about the differences between these categories. I was wondering if anyone can comment about the differences or refer me to a definition so that we can make a better decision on which category to use for which attributes.

 

Thanks.

 

Regards,

Mohammad

 



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]