[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [xacml] [EXTERNAL] [xacml] Default behavior for unrecognized resource attributes?
I agree with Erick and Bill on this.
I also wanted to note that, where such metadata (e.g. version of the policy used in a specific decision) is important to the requester, it can be sent back by the <PolicyIdentifierList> element
thereby letting the PDP record the fact that the decision has been made based on such and such version of such and such policy. I think this might be important in some cross-enterprise scenarios where different versions
of a policy/attribute vocabulary might be in use.
Regards,
Mohammad
From: xacml@lists.oasis-open.org [xacml@lists.oasis-open.org] on behalf of William Parducci [bill@parducci.net]
Sent: Friday, January 15, 2016 7:36 AM To: Erik Rissanen Cc: Hal Lockhart; Martin Smith; XACML TC Subject: Re: [xacml] [EXTERNAL] [xacml] Default behavior for unrecognized resource attributes?
Agreed. This could also be handled by version information retained in PDP metadata. This is something that we discussed in the past. It is more general, but would ensure there isn’t an impedance mismatch on evaluation.
b
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]