OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: [xacml] change request: xacml context attributes and data types

Currently <xacml-context:Attribute> element allows DataType attribute.
 
Rationale for keeping DataType attribute in the <xacml-context:Attribute> element was that
it can sometimes be helpful, such as specifiying subject-id format, like
subject-id="cn=simon", data-type="x500-name"
 
But this information is redundant, because subject-id attribute will be passed to the specific
function that expects arguments of certain type. For example, if subject-id is passed to
the x500Name-equal function it expects it's arguments to be in x500 name format.
 
So data type does not add value here.
 
Another problem is that we can not access DataType attribute with AttributeDesignator.
 
Proposal: remove DataType attribute from the <xacml-context:Attribute>.
 
Simon
 

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC