[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xacml] Issue#39:number of policies to return is too large
On Wed, 6 Sep 2006, Anne Anderson - Sun Microsystems wrote: > I don't think there are actually that many cases to deal with here. I'm not > trying to design a reliable transaction protocol, just a simple mechanism > that would support the use case of a relatively stable PAP returning multiple > blocks of policies to a client. Yet, the text above this section was filled with ramblings of protocol as if it were just "common sense". It's one thing to specify XACML because it is viewed (or at least I view it as) as a representation of access-control policy that is transportable between PAPs and different PDPs, leaving the "implementation details" of that transport alone. It's completely other thing to specify a "simple" element in a _protocol_ and not cover the bases, or assume others will have the same "common sense" about it as you do. It's funny that we are all in "security" which is supposed to mean things like, _availability_, _assurance_, _reliablitity_, yet we punt on those things all the time. Cheers, -Polar
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]