[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [xacml] Fwd: env attributes
Problem noted by Seth Proctor. Anne ------ Anne Anderson Anne.Anderson@Sun.COM Sun Microsystems Laboratories Burlington, MA 781-442-0928
--- Begin Message ---
- From: Seth Proctor <seth.proctor@sun.com>
- To: anne.anderson@sun.com
- Date: Wed, 23 Oct 2002 12:22:39 -0400
In section 10.3.5 of 18d, the spec calls out three attribute identifiers that the PDP must be able to handle specially (these are current-time, current-date, and current-dateTime). Is the idea that these would appear in an AD in a policy, and the PDP is supposed to know to resolve these values itself rather than looking in the Request? I think that's the idea, but it's not spelled out explicitly in the text. Also, these go on that list I started earlier of attributes that should be defined to always be of a particular type: subject-category string or URI resource-id string or URI scope string current-time ??? current-date date current-dateTime dateTime Since each of these identifiers must be special-cased by the PDP, they must always be of a known type. There may be others that should be on this list, but most of the other identifiers are not treated in any special way by the PDP, so the type information is transparent to the PDP. seth--- End Message ---
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC