OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: RE: [XACML] Privacy & Security


Title: RE: [XACML] Privacy & Security

On 3 May, JMaclean@affinitex.com writes: [XACML] Privacy & Security
 > 4 - Integrity of Policy
 > It is important to ensure that the policy statement have not altered since
 > they were originally prepared by the PAP.  In the many cases, this can be
 > achieved by ensuring the integrity of the systems and implementing session
 > level techniques to secure the communication between.
 >
 > However, when policy is distributed between organizations to be acted a pone
 > at a later or when the policy travels with data, it is necessary to have
 > some meta about the policy statements such as who authored the policy and
 > when it was written.  In these cases, it will be useful to have digital
 > signature of the policy included with the meta data about the policy.   

There is no connection between "it is necessary to have some
meta[data] about the policy statements such as who authored the
policy and when it was written." and "it will be useful to have
digital signature of the policy included with the meta data about
the policy."  The signatures can be validated separately and
independently from the meta-data about who authored the policy
and when it was written.

Anne


Yes, signatures can be validated separately and independently from the meta-data.
However, if the signature is not kept with the policy or at least a reference to the signature, some sort of crossreference will be needed to identify the signature that applies to the policy.

Maybe issuer is a better term than author. In some senarios, it will be important to know who issued the plociy and to have thier digital signature of the ploicy. It seems to me that these to items are related. 

James





[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Powered by eList eXpress LLC