OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Thoughts on Delegation


Sorry I have not time to write more. These seem the most important points.

1. I believe there should be three distinct types of policy - access, admin and creation of admin. I think it will be too confusing if the latter two are mixed. I could be persuaded otherwise, but that is my current thinking. If you agree, we need names for each and exactly how you tell them apart.

2. We need to agree on terms for at least the following. subject who is allowed to create policies, the subjects he is allowed to create admin policies for, 3 policy types. Please agree on terms for all useful concepts. I don't object to calling someting constraints, but is must have a single learly defined meaning.

3. I think whether or not you can create negative polices should be controled  by the Situation.

Best wishes for the F2F.

Hal



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]