OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Re: [xacml] [Model] Re: Composition Use Case

On Mon, 17 Dec 2001, Anne Anderson - Sun Microsystems wrote:

> X-Mailer: Sun NetMail 2.3
> MIME-Version: 1.0
> Content-Type: text/plain; charset="US-ASCII"
> Content-Transfer-Encoding: 7bit
>
> On 17 December, bill parducci writes: Re: [xacml] [Model] Composition Use Case
>  > /*
>  > 1. Ability to describe Matching Rules for attributes (for
>  >     example, does "A@EnergyInfoAdmin.doe.gov" match "*.doe.gov").
>  > */
>  >
>  > this is really the key requirement in my example: pattern matching. the
>  > only difference here from what i tossed out was that my 'case' used this
>  > against payload (content) as well has requester information. since i
>  > believe that payload is just another field i think that the generalized
>  > requirement for pattern matching meets the requirement. as pointed out
>  > earlier by a couple of people, i believe that regular expressions should
>  > be used as the basis for patterning.
>
> Matching of X500 Distinguished Names can not be handled via
> regular expressions (case, ordering of attribute-value
> assertions, handling of spaces, etc.).  URL's can not be handled
> via regular expressions (places where case matters versus where
> it does not).  Attributes that are themselves complex types (such
> as certain X509 Attribute Certificate attributes) can not be
> handled via regular expressions.
>
> I don't think the language syntax itself can handle the matching
> rules for real-world sets of attributes.  I think the language
> must have a way of pointing to executables for handling the
> matching.

And what assurance do you have that the executable does the right thing?

-Polar

>
> Anne
> --
> Anne H. Anderson             Email: Anne.Anderson@Sun.COM
> Sun Microsystems Laboratories
> 1 Network Drive,UBUR02-311     Tel: 781/442-0928
> Burlington, MA 01803-0902 USA  Fax: 781/442-1692
>
>
> ----------------------------------------------------------------
> To subscribe or unsubscribe from this elist use the subscription
> manager: <http://lists.oasis-open.org/ob/adm.pl>
>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC