FW: XACML Charter Scope

["Simon Y. Blackwell" <sblackwell@psoom.com>]

-----Original Message-----
From: Simon Y. Blackwell 
Sent: Wednesday, May 23, 2001 2:03 AM
To: 'Hal Lockhart'
Subject: RE: XACML Charter Scope


Given that I actually dreamt about this issue tonight and am now up thinking
about it (boy am I sick ;-), suffice it to say that I concur with Hal.

I do think it should be possible to use existing protocols to query an XACML
repository and exchange messages. SAML should certainly play a role here. My
guess is XPath or XQuery might also.

> -----Original Message-----
> From: Hal Lockhart [mailto:hal.lockhart@entegrity.com]
> Sent: Monday, May 21, 2001 12:48 PM
> To: 'xacml@lists.oasis-open.org'
> Subject: XACML Charter Scope
> 
> 
> I observed on the concall today that the proposed charter 
> says the purpose
> "is to define a core schema and corresponding namespace." I 
> said that this
> alone did not seem to me to be sufficient to allow interoperable
> implementations to be developed without some statement about 
> how documents
> defined by this schema might be exchanged.
> 
> On reflection, I concede that for some applications it would probably
> suffice to say that the document would be generated as a disk file and
> exchanged by any method of choice. However, it is possible that the TC
> wishes to go further. If XACML messages are intended to be 
> associated with
> control of access to portions of XML documents, it seems it 
> would be useful
> to describe how they would be contained in or bound to the 
> document to which
> they refer. If XACML is to be used to provision an access 
> control system,
> then a protocol for requesting and receiving messages might 
> be useful. 
> 
> Increasing the scope in this way would in no way commit us to 
> inventing
> these mechanisms from scratch. It would be sufficient to reference a
> suitable standard developed elsewhere.
> 
> Hal
>