OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [xacml] Inputs to rfc822Name-match


Anne - I know you are right.  But, WE define
urn:oasis:names:tc:xacml:2.0:data-type:rfc822Name.  So, if we want "*" to be
a valid instance of this type, then it can be.  Can't it?

All the best.  Tim.

-----Original Message-----
From: Anne Anderson [mailto:Anne.Anderson@Sun.COM] 
Sent: Wednesday, May 12, 2004 4:27 PM
To: Tim Moses
Cc: 'XACML'
Subject: Re: [xacml] Inputs to rfc822Name-match


On 12 May, Tim Moses writes: [xacml] Inputs to rfc822Name-match  >
Colleagues - How do people feel about making both inputs to the  >
rfc822Name-match function of type rfc822Name (just as both inputs to the  >
x500Name-match function are of type x500Name)?  > 
 > I am not certain whether all valid values for the first parameter to the
> function are strictly names, as defined by RFC 822.  Nevertheless, I see
> advantages in considering them legal values according to the  >
definition.

That is the problem: values that you want in the first parameter are not all
valid RFC 822 names if you allow "*" or names with only a domain component.
This was an issue in PKIX NameConstraints, as I recall.

Anne
-- 
Anne H. Anderson             Email: Anne.Anderson@Sun.COM
Sun Microsystems Laboratories
1 Network Drive,UBUR02-311     Tel: 781/442-0928
Burlington, MA 01803-0902 USA  Fax: 781/442-1692


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]