OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: [security-services] Potential errata in handling of Evidence


Our recent decision about making Evidence "singular" and its contents 
"multiple" is documented (poorly) here:

 
http://lists.oasis-open.org/archives/security-services/200203/msg00068.html

I have to take responsibility for the lack of detail in ELM-3, because I 
now discover that I didn't thoroughly propose the entire change that was 
needed.  I apologize...  However, now we have a problem in that the 
change was, in fact, incompletely made and we have an inconsistency:

- In cs-sstc-core-00 line 766, Evidence is correctly defined to appear 
in AuthorizationDecisionStatement either zero or one time.

- In line 754, the prose describing Evidence in the context of 
AuthorizationDecisionStatement *incorrectly* says that "[Any Number]" of 
Evidence elements may appear.  This should say "[Optional]".  This is 
clearly editorial.

- In lines 1106-1107 and 1120, the schema code and prose covering 
Evidence in the context of AuthorizationDecisionQuery is *incorrect* in 
that it hasn't been updated to indicate "[Optional] A set of assertions 
that..." and implicit maxOccurs="1", respsectively; it currently 
indicates "[Any Number] An assertion that ..." and (explicitly) 
'maxOccurs="unbounded"'.  This perhaps looks substantive, but I think 
our intent was clear and this should be considered an erratum.

Sheepishly,

	Eve
-- 
Eve Maler                                    +1 781 442 3190
Sun Microsystems XML Technology Center   eve.maler @ sun.com



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Powered by eList eXpress LLC