OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-users message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [xacml-users] Help on Condition ? <-- Obligations



I've been holding back on this discussion because I'm still somewhat unsure
what I think of the issue. Generally, I agree with what Bill has suggested,
that the notion of an "Obligation" is really different than what we want
for notification, and while it can be used here it's further confusing an
already (in my opinion) complex feature. On the other hand, I hate to
introduce a new mechanism at this point, or rush to push Obligations into
Rules without fully understanding what the impact here would be.

I do very much believe that notification is a strong use-case. With that
in mind, I wonder what others would think about using the Status element
for this application. My experience is that Status doesn't get used much,
since you can't include any detail except on Indeterminate, and even
then there's no abaility for a policy writer to provide status details.
What about allowing Detail with a Status of Deny, and adding a new
attribute (or something) to Rule that let you define the Detail? I'm
making this up as I go along, but it seems like it might get us what
we want without having to invent anything too new or confusing.

Thoughts?


seth


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]