[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xacml-users] Help on Condition ? <-- Obligations
I've been holding back on this discussion because I'm still somewhat unsure what I think of the issue. Generally, I agree with what Bill has suggested, that the notion of an "Obligation" is really different than what we want for notification, and while it can be used here it's further confusing an already (in my opinion) complex feature. On the other hand, I hate to introduce a new mechanism at this point, or rush to push Obligations into Rules without fully understanding what the impact here would be. I do very much believe that notification is a strong use-case. With that in mind, I wonder what others would think about using the Status element for this application. My experience is that Status doesn't get used much, since you can't include any detail except on Indeterminate, and even then there's no abaility for a policy writer to provide status details. What about allowing Detail with a Status of Deny, and adding a new attribute (or something) to Rule that let you define the Detail? I'm making this up as I go along, but it seems like it might get us what we want without having to invent anything too new or confusing. Thoughts? seth
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]