[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: Final text of ballot
My votes, along with some comments. -- Marlena {AP-1} Generalized or specialized solution Answer: 1. We should develop a generalized solution as an interim step to satisfying the specific requirements identified by the Use Cases sub-committee. {AP-2} Questions the PEP can ask the PDP Answer: 1. "Yes/No/Can't decide". COMMENT/Question: I'm fine with #3 in the context of an authorization decision. I thought this is what was meant, but now I see that the wording of #3 doesn't mention an authZ decision.. I'd like to vote as follows: Yes, for the PEP soliciting additional information as part of its authorization decision request. No, for the PEP soliciting attributes (and just attributes) from a PDP. (Reason: This is not what I understand the PEP-PDP authZ interaction to be about. Doing an attribute query is a different matter than an requesting an authorization decision (IMHO). (I'd hate to have both a 'real' attribute query and also one that is wearing the hide of an authZ decision query.) {AP-3} Question: should we define a PDP-PDP protocol? Answer: 2. No. {AP-4} The number of assertions in a message Question: How many assertions may appear in a single message? Answer: 3. An unlimited number. COMMENT: My feeling is that related assertions might well be bundled together in a single message. Having "depends on" fields (or the like) that contain assertion references doesn't strike me as sufficient. That said, I don't feel very sure about this, and would welcome more discussion. {AP-5} Combining components Answer: 1. The model should explicitly identify that components of the model may be combined. {AP-6} Assertion validation component Answer: 1. The model should identify "assertion validation" as a separate component.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC