OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: [xacml] proposed amendment to Polar's resolution of PM-2-05

i don't wish to dwell on this because i think that we have a decision
that all can agree with.

> But the much more important reason in the context of this debate, is that
> the PEP MUST be a trusted component! The PEP is responsible for enforcement.
> If the PEP is subverted, it can ignore what the PDP says and allow any sort
> of access it likes. It can even refuse to consult the PDP.

rule #1 in hacking: prey upon assumptions. how do you know you are
talking to the PEP?

implementers can choose to ignore as it may not be worth reducing the
desired feature set, however it is a risk.

b

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC