OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Re: [xacml-comment] no rules or policies

On Wed, 27 Nov 2002, Seth Proctor wrote:

> As a side note, I don't really understand what the value is of having a Policy
> with no Rule, since it will always return the same thing (probably N/A), so
> why bother going through the effort of evaluating it? In other words, what
> is the reason for the schema defining PolicyType to have
>   <xs:element ref="xacml:Rule" minOccurs="0" ...

The reason is that XACML (in the long run) will most likely be generated
by tools. I can't see anybody that would want to really write such copious
verbage at the keyboard.  When generating from other laguages or GUIs it
is quite easy to end up with policies with no rules, conjunctives or
disjunctives with no elements, etc.  For logical completeness, these cases
should be allowed and handled in a logically sound manner.

Also, if the minimum administrative element for a PDP is the policy. One
use case, Let's say that you will dynamically add rules, so to start you
have no rules, but you still have to configure your PDP with a policy
there. So you shouldn't force people to have rules where they don't have


> seth
> ----------------------------------------------------------------
> To subscribe or unsubscribe from this elist use the subscription
> manager: <http://lists.oasis-open.org/ob/adm.pl>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC