OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-use message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Comments on draft-sstc-hodges-glossary-01

1. "Access control request" is equated with access request. This seemed
   a little strange to me. To me the intuitive version would be that
   "Access control request" is a request to control access that may be
   made by an administrator on a policy decision point to change its
   behaviour. I suggest deleting "Access control request" (on the
   gounds "less is more").

2. I was expecting to see definitions of PDP and PEP. I request that
   these be included. (I don't think they require much work). PDP =
   entity implementing the ADF. PEP = Entity implementing AEF). I have
   misused these terms in the past (misinterpreting RFC 2904 and
   related texts). I note PEP and PDP are used in usecases-strawman-2.html

3. "Subject" seems to be adequately covered by the definition of
   "security subject". I don't think further qualification is


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC