OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [xacml-dev] XACML 2

Hi Diego.

> I'm having some free time in the next weeks se I'll like to know
> if anybody have started with a 2.0 implementation. If so how do you
> manage the 1.1 and 2.0 differences and schema versioning issues (i.e.
> what happens if a 1.0 Context is evaluated using a 2.0 Policy, and
> issues like that).

I am just starting to work on supporting 2.0 in my SunXACML project. In
fact, I'm about to send mail to the sunxacml-discuss list asking for
volunteers :) If you'd like to get involved, let me know.

You raise some good questions here. It's not entirely clear how this is
supposed to happen. In theory, the important boundries haven't changed
(eg, decisions, request formats, Policy[Set] as top-level entity), so a
1.0 request should be valid with a 2.0 policy, and a 2.0 policy should
be able to reference a 1.x policy. I can't think of any rules about this
in the 2.0 spec off the top of my head, but I'll poke around. For my
project, I plan to be as flexible about this as possible.

> Is there any document with all the differences between 1.1 and 2.0
> wc-current? Because the differences are only available comparing the
> last version.

No. There was supposed to be a writeup, but it didn't happen (I think
the person who owned this item got too busy with other stuff). I have
thought about writing this, but I haven't had the time. If you wanted to
do this, I think it would be valuable, and I'd be happy to provide some
assistance. I did recently go through the exercise of doing a complete
review of the 2.0 draft, so I have a reasonable sense of what changed.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]