[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [xacml] 7.7 Obligations
>not sure how you come to this conclusion: conformance is now more difficult for the reasons stated above. rather >than taking the position: >"if you don't understand the decision, effectively DENY--ALL PEPs behave the SAME" Pardon me for repeating a question: why DENY? Is not a decision with obligation just another kind of decision - and when an unambiguous and deterministic decision is reached - XACML land ends. Enforcement point may lock you out of a building, or open floodgates and drown your town - on either PERMIT, or DENY. Or shut itself down when it cannot understand the obligation. It does not seem to me that the action taken by PEP is in the scope of XACML at all. And I agree - adding any protocol to communicate whether PEP understands anything is an unworkable complexity.. Daniel;
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC