OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Re: [xacml] IIC012: syntax-error or processing-error?

Polar Humenn wrote:
> For the case when you have a single malformed policy to be evaluated
> against a request, the answer is just simply undefined. The implementer
> can choose. Therefore, there should not be a "CONFORMANCE" test for it.

'undefined' needs to manifest itself somehow in the decision.

back to the run-time vs. precompiled topic for a sec..

supposing that there is a use case/conformance test that has a mis-typed (or otherwise malformed) policy: under the precompiled model, this policy will simply be thrown out upon being communicated to the system; under the run-time model it will generate a status code 'other than OK' and issue a decision of INDETERMINATE. with this in mind we can: (a) allow for both of these scenarios to have it owns conformance criteria; (b) take a stand on which evaluation mechanism is supported; (c) consider it out of scope and allow for unlimted of decision/status combinations.

i personally think that option 'a' is worth considering because option 'b' forces us to make an implementation decision and option 'c' is a bit loose for my taste.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC