RE: [xacml] xacml combiner alg extension points

[Tim Moses <tim.moses@entrust.com>]

Title: Message

Colleagues - I might have expected the parameters to be associated with <Policy> and <Rule> elements, not <PolicySet> and <Policy> elements.  Have I got this wrong (not out of the question)?  All the best.  Tim.

-----Original Message-----
From: Simon Godik [mailto:simon.godik@overxeer.com]
Sent: Tuesday, February 03, 2004 2:29 AM
To: xacml@lists.oasis-open.org
Subject: [xacml] xacml combiner alg extension points

xacml extension points proposal.

 

Polar pointed out that previous xacml extension proposal is somewhat misleading with it's use of

@MustUnderstand attribute and where parameters are interpreted.

 

Here is cleaned up version, hopefully.

 

Proposal:

Allow element of type <xacml:CombinerParametersType> as an optional child of <xacml:PolicySet> and <xacml:Policy> elements. <xacml:CombinerParameters> element contains a list of parameters specific to the enclosing combining algorithm. Combiner parameters are input to the combining algorithm only and can not be directly interpreted by the pdp.

 

Schema:

<xs:element name="CombinerParameters" type="xacml:CombinerParametersType"/>
<xs:complexType name="CombinerParametersType">
<xs:sequence>
<xs:element ref="xacml:CombinerParameter" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<!-- -->
<xs:element name="CombinerParameter" type="xacml:CombinerParameterType"/>
<xs:complexType name="CombinerParameterType">
<xs:sequence>
<xs:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
<xs:attribute name="ParameterName" type="string" use="required"/>
</xs:complexType>

 

Simon