OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: [xacml-comment] Test IIB025

This test appears to be designed to illustrate a subject-id mismatch
between the Subject in the Context Request ('Julius Hibbert'), and that
in the Policy's Rule Target ('Julius'). This would lead to a 'not
applicable' Response. 
However, the Subject Attribute in the Context Request does not specify
an Issuer,  wheras the 
SubjectAttributeDesignator in the Rule Target does specify an Issuer.
From my reading of the Attribute matching portion of the spec (section
7.9.1), this should mean that the two attributes do not match and their
values therefore cannot be compared. As the PDP will thus be unable to
resolve the correct subject-id attribute from the policy, the response
should therefore be 'indeterminate'. Is this a correct interpretation?


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC