OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [xacml-dev] Use of conformance identifiers


Ok, thanks for the confirmation.

 

-Danny

 

From: Hal Lockhart [mailto:hal.lockhart@oracle.com]
Sent: Thursday, December 01, 2011 7:46 AM
To: Danny Thorpe; xacml-dev@lists.oasis-open.org
Subject: RE: [xacml-dev] Use of conformance identifiers

 

Our intention was to create a Metadata Profile (a draft exists in the archives) which would describe alternatives for publishing metadata, standardized elsewhere. Our model was the SAML Metadata Profile.  Unfortunately no one has been working on this profile for some time.

 

The intent is as you describe, to provide allow two implementations to learn how they can interop or for an implementation to select from among several others the one with the capabilities it needs. It was intended that this would work in multiple environments.

 

Hal

-----Original Message-----
From: Danny Thorpe [mailto:danny.thorpe@bitkoo.com]
Sent: Wednesday, November 30, 2011 3:36 PM
To: xacml-dev@lists.oasis-open.org
Subject: [xacml-dev] Use of conformance identifiers

Several of the Xacml 3 profiles (Multiple Decision Profile section 7, SAML 2.0 Profile of XACML, section 9) have conformance sections that state that if your implementation supports feature XYZ, then you should indicate that support using a particular oasis-defined identifier for XYZ. 

 

The wording differs between profiles – the Multiple Decision Profile says these identifiers “may” be used, but the SAML-XACML profile uses “MUST”:  “Each

implementation MUST clearly identify the subsets it implements using the following identifiers.

 

What does “clearly identify” mean here?  How should these conformance identifiers be exposed?  Are these identifiers intended for automated discovery, or just for documentation?

 

For automated discovery, I can see how this might fit with the HTTP OPTIONS method, where a client can ask a server what options the server supports for a given URL – essentially, retrieve metadata instead of the content.

 

Is that how these conformance identifiers are intended to be reported and consumed?

 

Thanks,

-Danny Thorpe

BiTKOO



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]