OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [xacml] Item 60 (Define standard "purpose" attributes)

Daniel Engovatov wrote:

> Just, if we start going that route, I have a boatload of very useful
> attributes to specify, such as "direction" (access on the way in or out)
> and so on.

i'm with you on that one; i have been thinking about how best to tackle 
'direction' for quite some time now.

as to this:

 > Could you add to your proposal why this should be part of the standard?
 > As far as I can see there are no issues with implementing this behavior
 > using a custom recombination algorithm.

i would offer that if there is sufficient applicability in such attributes we 
may be able to avoid 'custom recombination algorithms' by implementing them into 
the spec. by definition, custom extensions create a non-transportable policy set 
and i believe it is the general consensus of the group to limit the instances 
where this may be necessary provided there is sufficient justification 
(interoperability being something of good thing :o)

of course, that begs the question of what constitutes sufficient justification. 
based on tim's proposal i believe that he is making the case that 'purpose' is 
one such attribute. perhaps the most efficient way to deal with this is to step 
back a little and take a look at a collection of attributes that are not 
currently spelled out in the current draft and see if there is a general 
approach that can be taken, if each attribute requires a specific solution or if 
the whole 'boatload' should be handled implementationally (considering also the 
general perceived value of each).

to that end, if you have additional attributes you would like considered perhaps 
you could post them? since i suspect that 'purpose' will not be the last 
attribute to merit such consideration i personally would be interested in seeing 
if we cannot create a more general solution to (i have been looking for a place 
to insert the <existential> tag into the schema: 'i have purpose, therefore i 
exist' :o)


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]