OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Re: [xacml] SP01: 18c comments. Forwarded message from Seth Proctor.

 >  - 3.3.2.1 (PolicyTarget) still makes it unclear that Policy Target is
 >      computed before arriving at the PDP. I know you're working on new
 >      language, so that may just not have been added yet.

A new "Section 7.x Target Construction" is proposed in AA06.
This also affects HL02 "Policy Indexing".

I suggest that all discussion of how Policy and PolicySet targets
are computed be replaced with "See Section 7.x Target
Construction for information about how targets may be
constructed." and with the actual text of such a Section 7.x.

This includes the following locations:
1) Section 2.8 Policy indexing, p. 14-15, lines 470-480,
   beginning with "Two approaches are supported" and ending with
   "In either case, it is the policy writer's responsiblity to
   ensure that only one policy statement applies to a particular
   decision request."
2) Section 3.3.2.1 Policy target, p. 20, lines 630-645, beginning
   with "The target may be declared by the writer of the
   policy,or..." and ending with "In this case, the targets may
   be omitted from the ocmponent rules."
3) Section 5.1 Element <PolicySet>, p. 44, lines 1861-1863,
   beginning with "The <Target> element MAY be declared..." and
   ending with "either as an intersection or as a union."
4) Section 5.5 Element <Target>, p. 46, following line 1908,
   just before the schema fragment and after the sentence ending
   with "...<Target> element and the corresponding section of the
   <xacml-context:Request> element."
5) Section 5.17 Element <Policy>, p. 52, lines 2170-2172,
   replacing "The <Target> element MAY be declared by the creator
   of the <Policy> element, or it MAY be computed from the
   <Target> elements of the referenced <Rule> elements either as
   an intersection or as a union."

-- 
Anne H. Anderson             Email: Anne.Anderson@Sun.COM
Sun Microsystems Laboratories
1 Network Drive,UBUR02-311     Tel: 781/442-0928
Burlington, MA 01803-0902 USA  Fax: 781/442-1692

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC