OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: [xacml] Review of 6. Context Syntax section

I have attached an editted version of the section, containing
numerous grammatical, explanatory, and consistency changes that I
do not think are controversial.

Following are some Change Requests representing substantive
issues I encountered in this section.

Change Request 1: Add mandatory action-id attribute

  Create a reserved attribute identifier
  "urn:oasis:names:tc:xacml:1.0:action:action-id".  Make inclusion
  of an <Attribute> with AttributeId of this identifier mandatory
  under the <Action> element of the <Request> context.  Change
  minOccurs for <Attribute> under <Action> 1.


  We had previously decided that <Action> would have a single
  string value that would be the action id.  Now we need a
  specific AttributeId for this.

  This is consistent with the way resource-id is handled.  It
  provides a consistent, interoperable way of specifying the
  action.  The <DataType> of the <Attribute> can specify whether
  the action value is a string or URI.

Change Request 2: Add optional action-namespace attribute

  Create a reserved attribute identifier
  "urn:oasis:names:tc:xacml:1.0:action:action-namespace".  Make
  inclusion of an <Attribute> with AttributeId of this identifier
  optional under the <Action> element of the <Request> context.


  We previously decided that an <Action> value might be
  associated with a specific namespace, and that an XML attribute
  was needed to express this.

Change Request 3: Add optional action:implied-action identifier

  Create a reserved identifier
  "urn:oasis:names:tc:xacml:1.0:action:implied-action" to
  represent the value of an action that is implied by the


  We have agreed to this concept, but have not reserved an
  identifier for it.

Change Request 4: Change <Result> ResourceURI attribute to


  Since the Request <Resource> identifier is now called
  resource-id, and can be of any data type, the <Result> should
  be consistent.

Change Request 5: Add missing-attribute identifier for StatusCode


  We have values for ok, processing-error, and syntax-error.
  Although we discussed the use case for missing attributes
  extensively, we have not defined a standard identifier for this

Change Request 6: Make context Resource Attribute minoccurs=1

  Current value is minOccurs=0 maxOccurs=unbounded.  Change this
  to minOccurs=1 maxOccurs=unbounded.


  Since Resource MUST contain a resource-id attribute, minimum
  value should be 1.

Anne H. Anderson             Email: Anne.Anderson@Sun.COM
Sun Microsystems Laboratories
1 Network Drive,UBUR02-311     Tel: 781/442-0928
Burlington, MA 01803-0902 USA  Fax: 781/442-1692

Attachment: ContextSyntax.doc
Description: Editted Section 6. Context Syntax

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC