[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] Decision="Deny" with <Action>Read</Action> VERSUS Decision="Permit" with <Action>~Read</Action>
On Fri, 2006-03-31 at 12:53, Barnhart, Michael A wrote: > For Approach 2, I have to ask what is authorization of “what could be > interpreted as “non-read” operation mean.” What I am saying is that > form would confuse most of the implementers around me. The only possible use for something like this that I can see would be implement a "default to access" model of resources, e.g. they could do everything but read. Other than that, I agree that it is confusing and the first approach should be preferred. ast -- Join me in Dubrovnik, Croatia on May 8-10th when I will be speaking at InfoSeCon 2006. For more information, see www.infosecon.org. *************************************************************************************************** The information in this email is confidential and may be legally privileged. Access to this email by anyone other than the intended addressee is unauthorized. If you are not the intended recipient of this message, any review, disclosure, copying, distribution, retention, or any action taken or omitted to be taken in reliance on it is prohibited and may be unlawful. If you are not the intended recipient, please reply to or forward a copy of this message to the sender and delete the message, any attachments, and any copies thereof from your system. ***************************************************************************************************
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]