OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Re: [xacml] subjects

Comments at end:

On Tue, 5 Nov 2002, Anne Anderson wrote:

> Polar,
> I am having trouble parsing the second paragraph Section 5.3 Complex type
> CategorizedSubjectAttributeDesignatorType (ref:
> http://lists.oasis-open.org/archives/xacml/200211/msg00066.html),
> even apart from the typos :-)
> I have reworded it according to my understanding.  Is my
> rewording true to the intended semantics?  (not necessarily
> better, just correct)
> A "subject" is represented by a <Subject> element of the
> <Subjects> element the <xacml-context:Request> element.  A
> "categorized subject" a "subject" that contains a particular
> "subject category attribute".  A "subject attribute" is an
> attribute located in a particular "subject".  A "named subject
> attribute" is a "named attribute" for a "subject".  A "subject
> category attribute" is the "subject attribute" that matches
> "named subject attribute" with the AttributeId of
> urn:...:subject-category and the DataType of urn:...#string.  A
> "named categorized subject attribute" is a "named subject
> attribute" for a particular "categorized subject".
> A principal, or "subject", involved in making an XACML Request is
> represented by a <Subject> element of the <Subjects> element of
> the <xacml-context:Request> element.  Each <Subject> element must
> contain one and only one attribute with AttributeId of
> urn:...:subject-category.  This is called its "subject category
> attribute". The DataType of this attribute MUST be
> urn:...#string.  No two <Subject> elements may have "subject
> category attributes" that have the same value.

I don't like referring to "subject" as a principal at this point. The
subject can be a group etc. It is also not the thingy making the XACML
reqeuest. But I do see your point about the awkward definitions in
paragraph form.

I've attached a reword of this section in both Doc & PDF files.


Attachment: CategorizedSubjectAttributeDesignatorType.doc
Description: Binary data

Attachment: CategorizedSubjectAttributeDesignatorType.pdf
Description: Adobe PDF document

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC