[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [xacml] condition reference text (item 7)
On Mon, 15 Mar 2004, Tim Moses wrote: > Colleagues - So, shall I proceed with the approach: retain <Condition> and > define it to contain a single <Expression> element? Is this agreed? All > the best. Tim. I agree to that approach. Cheers, -Polar > > -----Original Message----- > From: Polar Humenn [mailto:polar@syr.edu] > Sent: Monday, March 15, 2004 10:51 AM > To: Anne Anderson > Cc: Tim Moses; 'xacml@lists.oasis-open.org' > Subject: RE: [xacml] condition reference text (item 7) > > > > The orginal problem here, was that Condition extended ApplyType, which I > thought was a bad idea, as it simulcast a Condition as a function, rather > than contain it. > > If a Condition was an element containing an expression, then it wouldn't be > a problem. > > However, since we are not really maintaining backward compatibility, for the > reasons Tim and Anne state about "talking about" the condition of a rule, I > can see that the proposal can handle something of the form. > > > <Condition> > <Apply FunctionId="string-equal"> > ..... > </Apply> > </Condition> > > Or > > <Condition> > <VariableRef VariableId="x"/> > </Condition> > > or even > > <Condition> > <AttributeValue Datatype="boolean>True</AttributeValue> > </Condition> > > as long as the content is a boolean typed expression. > > Admittedly, this approach adds 23 characters to each rule, but what the hey, > they only weigh 0.0003421 nanonewtons. > > Is that an acceptable compromise? > > Cheers, > -Polar > > On Fri, 12 Mar 2004, Anne Anderson wrote: > > > On 12 March, Tim Moses writes: RE: [xacml] condition reference text > > (item 7) > Colleagues - I have just realized how much work this is > > going to be. In > addition to the specific changes described by > > Simon, all the examples are > affected and the introductory material, > > including the class diagram are > affected. This is going to take > > some time. > > I would like to see formal acceptance of the proposal > > as soon as possible, > because backtracking doesn't look like an > > appealing option. > > > > Personally, I lament the passing of <Condition>. The part of <Rule> > that > > > complements <Target> is a significant independent concept that deserves > its > > > own name. Anyone who has to explain XACML will have to refer to it. > With > > > the passing of <Condition>, they'll have to talk about "the child > > > <Expression> element of the <Rule> element" or some such. Global > replace > > > may work for the editor, but it is not a very attractive prospect for > the > > > reader. > > > > > > Does anyone else feel that this idea needs a name of its own? > > > > Yes, I do. The type of the Condition element can be shared with the > > other expressions, but giving the element that contains the set of > > predicates for a Rule its own name is a minor addition with major > > readability benefits. > > > > The counter argument might be that people won't read XACML policies, > > and the tools that generate them don't care what the name is. As > > someone who frequently presents and explains XACML to customers and > > partners, I can attest that being able to present readable, short > > examples is essential to obtaining broader acceptance for XACML. We > > will not have many tools until enough human readers have decided XACML > > is a good language. > > > > Anne > > > > > All the best. Tim. > > > > > > -----Original Message----- > > > From: Tim Moses [mailto:tim.moses@entrust.com] > > > Sent: Thursday, March 11, 2004 9:16 AM > > > To: 'Simon Godik'; 'xacml@lists.oasis-open.org' > > > Subject: RE: [xacml] condition reference text (item 7) > > > > > > > > > Simon - Thanks. I'll incorporate into, and issue, a Draft 07, on > > the > assumption that, if and when there is a vote on this subject, > > the vote will > be to accept. If not, we can always backtrack. All > > the best. Tim. > > -----Original Message----- > > > From: Simon Godik [mailto:simon.godik@overxeer.com] > > > Sent: Wednesday, March 10, 2004 11:10 PM > > > To: xacml@lists.oasis-open.org > > > Subject: [xacml] condition reference text (item 7) > > > > > > > > > Hi Tim, > > > Here is condition reference text and schema. Text is adopted (with some > > > additions) from Polar's email > > > > > > Simon > > > > > > <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> > > > <HTML><HEAD> > > > <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=US-ASCII"> > > > <TITLE>Message</TITLE> > > > > > > <META content="MSHTML 6.00.2737.800" name=GENERATOR> > > > <STYLE></STYLE> > > > </HEAD> > > > <BODY bgColor=#ffffff> > > > <DIV><SPAN class=294413914-12032004><FONT face=Arial color=#0000ff > > > size=2>Colleagues - I have just realized how much work this is going to > > > be. In addition to the specific changes described by Simon, all > the > > > examples are affected and the introductory material, including the > class diagram > > > are affected. This is going to take some > time.</FONT></SPAN></DIV> > > > <DIV><SPAN class=294413914-12032004><FONT face=Arial color=#0000ff > > > size=2></FONT></SPAN> </DIV> > > > <DIV><SPAN class=294413914-12032004><FONT face=Arial color=#0000ff > size=2>I > > > would like to see formal acceptance of the proposal as soon as > possible, because > > > backtracking doesn't look like an appealing option.</FONT></SPAN></DIV> > > > <DIV><SPAN class=294413914-12032004><FONT face=Arial color=#0000ff > > > size=2></FONT></SPAN> </DIV> > > > <DIV><SPAN class=294413914-12032004><FONT face=Arial color=#0000ff > > > size=2>Personally, I lament the passing of <Condition>. The > part of > > > <Rule> that complements <Target> is a significant > independent > > > concept that deserves its own name. Anyone who has to explain > XACML will > > > have to refer to it. With the passing of <Condition>, > they'll have > > > to talk about "the child <Expression> element of > > > the <Rule> element" or some such. Global replace may > work for > > > the editor, but it is not a very attractive prospect for the > > > reader.</FONT></SPAN></DIV> > > > <DIV><SPAN class=294413914-12032004><FONT face=Arial color=#0000ff > > > size=2></FONT></SPAN> </DIV> > > > <DIV><SPAN class=294413914-12032004><FONT face=Arial color=#0000ff > size=2>Does > > > anyone else feel that this idea needs a name of its > own?</FONT></SPAN></DIV> > > > <DIV><SPAN class=294413914-12032004><FONT face=Arial color=#0000ff > > > size=2></FONT></SPAN> </DIV> > > > <DIV><SPAN class=294413914-12032004><FONT face=Arial color=#0000ff > size=2>All > > > the best. Tim.</FONT></SPAN></DIV> > > > <BLOCKQUOTE dir=ltr style="MARGIN-RIGHT: 0px"> > > > <DIV></DIV> > > > <DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left><FONT > > > face=Tahoma size=2>-----Original Message-----<BR><B>From:</B> Tim > Moses > > > [mailto:tim.moses@entrust.com] <BR><B>Sent:</B> Thursday, March 11, > 2004 9:16 > > > AM<BR><B>To:</B> 'Simon Godik'; > > > 'xacml@lists.oasis-open.org'<BR><B>Subject:</B> RE: [xacml] condition > > > reference text (item 7)<BR><BR></FONT></DIV> > > > <DIV><SPAN class=282001414-11032004><FONT face=Arial color=#0000ff > > > size=2>Simon - Thanks. I'll incorporate into, and issue, a > Draft 07, on > > > the assumption that, if and when there is a vote on this subject, the > vote > > > will be to accept. If not, we can always backtrack. All > the > > > best. Tim.</FONT></SPAN></DIV> > > > <BLOCKQUOTE dir=ltr style="MARGIN-RIGHT: 0px"> > > > <DIV></DIV> > > > <DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left><FONT > > > face=Tahoma size=2>-----Original Message-----<BR><B>From:</B> Simon > Godik > > > [mailto:simon.godik@overxeer.com] <BR><B>Sent:</B> Wednesday, March > 10, 2004 > > > 11:10 PM<BR><B>To:</B> > xacml@lists.oasis-open.org<BR><B>Subject:</B> [xacml] > > > condition reference text (item 7)<BR><BR></FONT></DIV> > > > <DIV><FONT face=Arial size=2>Hi Tim,</FONT></DIV> > > > <DIV><FONT face=Arial size=2>Here is condition reference text and > schema. > > > Text is adopted (with some additions) from Polar's > email</FONT></DIV> > > > <DIV><FONT face=Arial size=2></FONT> </DIV> > > > <DIV><FONT face=Arial > > > size=2>Simon</FONT></DIV></BLOCKQUOTE></BLOCKQUOTE></BODY></HTML> > > > > -- > > Anne H. Anderson Email: Anne.Anderson@Sun.COM > > Sun Microsystems Laboratories > > 1 Network Drive,UBUR02-311 Tel: 781/442-0928 > > Burlington, MA 01803-0902 USA Fax: 781/442-1692 > > > > > > To unsubscribe from this mailing list (and be removed from the roster > > of the OASIS TC), go to > > http://www.oasis-open.org/apps/org/workgroup/xacml/members/leave_workg > > roup.php. > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]