[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [xacml] IIC012: syntax-error or processing-error?
Polar Humenn wrote: > For the case when you have a single malformed policy to be evaluated > against a request, the answer is just simply undefined. The implementer > can choose. Therefore, there should not be a "CONFORMANCE" test for it. 'undefined' needs to manifest itself somehow in the decision. back to the run-time vs. precompiled topic for a sec.. supposing that there is a use case/conformance test that has a mis-typed (or otherwise malformed) policy: under the precompiled model, this policy will simply be thrown out upon being communicated to the system; under the run-time model it will generate a status code 'other than OK' and issue a decision of INDETERMINATE. with this in mind we can: (a) allow for both of these scenarios to have it owns conformance criteria; (b) take a stand on which evaluation mechanism is supported; (c) consider it out of scope and allow for unlimted of decision/status combinations. i personally think that option 'a' is worth considering because option 'b' forces us to make an implementation decision and option 'c' is a bit loose for my taste. b
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC