OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Re: [security-services] "AuthorizationQuery" and"AuthorizationStatement" are *still* misleading names

I agree that we should change the names as you suggest.  (I have a feeling 
that many smallish issues that are being sent to the list are not getting 
catalogued regularly, which is worrying...  What can we do about this?)


At 01:09 AM 12/18/01 -0800, RL 'Bob' Morgan wrote:

>I sent the message below a couple of weeks ago.  There hasn't been any
>discussion, and core-21 still uses the same old names for these elements,
>which I continue to claim are likely to cause tremendous confusion going
>forward.  I guess at this point I may need to make a formal motion
>regarding this change.  If folks are worried about the resulting names
>being too long, I'm sure we can find a shorter form like "AuthzDecsnQuery"
>if needed.
>  - RL "Bob"
>---------- Forwarded message ----------
>Date: Fri, 23 Nov 2001 15:46:56 -0800 (PST)
>From: RL 'Bob' Morgan <rlmorgan@washington.edu>
>To: OASIS Security Services TC <security-services@lists.oasis-open.org>
>Subject: [security-services] "AuthorizationQuery" and
>     "AuthorizationStatement" are misleading names
>Early in the process of this committee we decided, after much contention
>and explanation and careful thought about concepts and terminology, that
>one of our three assertions (now statements, of course) is an
>"Authorization Decision Assertion", where that name precisely captures the
>intent of the structure.  In particular we observed as part of that
>discussion that the single word "authorization"  by itself can mean so
>many different things that it has to be qualified to be useful.  The text
>of core-20, in section 1, uses the term "Authorization Decision
>Assertion", and section 1.5 has this phrase as its title.
>However, the actual name of the element, as specified in section 1.5 and
>elsewhere, is "AuthorizationStatement".  And, the name of the
>corresponding query element, as specified in section 2.5, is
>"AuthorizationQuery".  It seems to me that these names are misleading and
>should be changed.  This is especially true since a likely user of our
>statement structures is the XACML work, which (though I haven't followed
>it) is supposedly about managing and expressing authorization information.
>So, I strongly suggest that these elements be renamed
>"AuthorizationDecisionStatement" and "AuthorizationDecisionQuery" and that
>the corresponding types be similarly renamed.
>  - RL "Bob"
>To subscribe or unsubscribe from this elist use the subscription
>manager: <http://lists.oasis-open.org/ob/adm.pl>

Eve Maler                                    +1 781 442 3190
Sun Microsystems XML Technology Center   eve.maler @ sun.com

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC