OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [xacml-dev] XACML 2

Sorry, forget to add some comment.

Seems the scenario you are proposing about references between versions
is covered with the elements that extends IdReferenceType
(PolicySetIdReference and PolicyIdReference) now the references must add
some information about versioning: Version, EarliestVersion and
LatestVersion. The section 5.21 defines the matching behavior. 


-----Original Message-----
From: Seth Proctor [mailto:Seth.Proctor@Sun.COM] 
Sent: Tuesday, September 21, 2004 5:37 PM
To: Diego M. Gonzalez
Cc: xacml-dev@lists.oasis-open.org
Subject: Re: [xacml-dev] XACML 2

Hi Diego.

> I'm having some free time in the next weeks se I'll like to know if 
> anybody have started with a 2.0 implementation. If so how do you 
> manage the 1.1 and 2.0 differences and schema versioning issues (i.e.
> what happens if a 1.0 Context is evaluated using a 2.0 Policy, and 
> issues like that).

I am just starting to work on supporting 2.0 in my SunXACML project. In
fact, I'm about to send mail to the sunxacml-discuss list asking for
volunteers :) If you'd like to get involved, let me know.

You raise some good questions here. It's not entirely clear how this is
supposed to happen. In theory, the important boundries haven't changed
(eg, decisions, request formats, Policy[Set] as top-level entity), so a
1.0 request should be valid with a 2.0 policy, and a 2.0 policy should
be able to reference a 1.x policy. I can't think of any rules about this
in the 2.0 spec off the top of my head, but I'll poke around. For my
project, I plan to be as flexible about this as possible.

> Is there any document with all the differences between 1.1 and 2.0 
> wc-current? Because the differences are only available comparing the 
> last version.

No. There was supposed to be a writeup, but it didn't happen (I think
the person who owned this item got too busy with other stuff). I have
thought about writing this, but I haven't had the time. If you wanted to
do this, I think it would be valuable, and I'd be happy to provide some
assistance. I did recently go through the exercise of doing a complete
review of the 2.0 draft, so I have a reasonable sense of what changed.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]