[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [security-services] Potential errata in handling of Evidence
Our recent decision about making Evidence "singular" and its contents "multiple" is documented (poorly) here: http://lists.oasis-open.org/archives/security-services/200203/msg00068.html I have to take responsibility for the lack of detail in ELM-3, because I now discover that I didn't thoroughly propose the entire change that was needed. I apologize... However, now we have a problem in that the change was, in fact, incompletely made and we have an inconsistency: - In cs-sstc-core-00 line 766, Evidence is correctly defined to appear in AuthorizationDecisionStatement either zero or one time. - In line 754, the prose describing Evidence in the context of AuthorizationDecisionStatement *incorrectly* says that "[Any Number]" of Evidence elements may appear. This should say "[Optional]". This is clearly editorial. - In lines 1106-1107 and 1120, the schema code and prose covering Evidence in the context of AuthorizationDecisionQuery is *incorrect* in that it hasn't been updated to indicate "[Optional] A set of assertions that..." and implicit maxOccurs="1", respsectively; it currently indicates "[Any Number] An assertion that ..." and (explicitly) 'maxOccurs="unbounded"'. This perhaps looks substantive, but I think our intent was clear and this should be considered an erratum. Sheepishly, Eve -- Eve Maler +1 781 442 3190 Sun Microsystems XML Technology Center eve.maler @ sun.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC