OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: new OASIS discussion list : XACML

At 06:04 PM 2/27/01 -0500, Hal Lockhart wrote:
>I agree with Nigel. The only differences I can see is the granularity of the
>resource being protected and the maturity of the problem space.
>I would prefer to see a single scheme to cover all requirements. If two
>schemes are required then a single effort which clearly defines when each
>should be used is surely preferable to two efforts which overlap.

I have a somewhat different take.  It could have been appropriate -- not 
required, just appropriate -- to have the S2ML authn credentials and the 
authz question (the payloads of their respective request messages) be in a 
separate XML namespace, especially since the plan was to allow foreign 
namespaces to go there as well for extensibility reasons.  If it's 
technically possible to separate the problem into two vocabularies 
(schemas) that don't have interdependencies, then I think it's useful to 
consider developing them somewhat separately and in parallel for 
efficiency's sake.

Eve Maler                                          +1 781 442 3190
Sun Microsystems XML Technology Center    eve.maler @ east.sun.com

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC