OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-use message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: [CR-9-02-?-Disclosure*]


Hi all,

First off, my apologies for late sending of emails on all of the ballots.  I
will send comments on all of them, obviously late.

My concerns about all of the disclosure requirements, is that I cannot see
how any piece of software could be tested for conformance.  In the case of
Blakely style, "SAM should support *restriction of* disclosure of subject
security attributes, *based on a policy stated by the subject*", how do I
write a conformance test that verifes:
o what are allowable and non-allowable restrictions?
o How do I test that an non-allowable restriction hasn't been made
o How do I verify that a subject has stated a policy?
o How can a subject state a policy

I just don't know how to test any of these things.

Also, I don't know what a subject is.  I know what credentials, principals,
users and system entities are.

Dave Orchard
XML Architect
Jamcracker Inc.,    19000 Homestead Dr., Cupertino, CA 95014
p: 408.864.5118     m: 604.908.8425    f: 408.725.4310

www.jamcracker.com - Sounds like a job for Jamcracker.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Powered by eList eXpress LLC