OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [xacml] Re: [xacml-demo-tech] Meta data

I think the meta-data should not be tied to SAML, but should be designed 
in such a way that it can be inserted into the SAML protocol.  For 
example, you could use the SAML schema for the contents, or something 
like that.

Anne

Bill Parducci wrote:
> It is an interesting idea-particularly since the SAML meta schema is  so 
> rich--but it does require that the PDP be tied to SAML. Early on  in the 
> TC the thinking was that XACML needs to maintain its  independence re: 
> implementation. Do we still feel that way?
> 
> b
> 
> On May 15, 2007, at 7:00 AM, Anne Anderson - Sun Microsystems wrote:
> 
>> Bill,
>>
>> I wonder if it makes sense to implement your PDP metadata as part  of 
>> the SAML metadata?  The metadata has to be conveyed to clients  
>> somehow anyway, so implementing it as part of an existing protocol  
>> makes some sense.
>>
>> The current proposal in the (in progress) SAML Profile Version 2.0  
>> Working Draft 3 is to implement
>> a) XACMLPDPDescriptor having standard SAML 2.0 metadata compliant  PDP 
>> info.
>> b) XACMLPDPConfig holding extended PDP information.  This might be  
>> where the attribute timing, XACML version, Obligation support, etc.  
>> should go.
>> c) XACMLAuthzDecisionQueryDescriptor - PEP endpoint info
>> d) XACMLAuthzDecisionQueryConfig - extended PEP information.
>>
>> See Issue#74 in the Issues list:http://wiki.oasis-open.org/xacml/ 
>> IssuesList
>>
>> Anne
>>
>> Bill Parducci wrote:
>>
>>> I am going to give emailing to this list one more shot ;)
>>> It would be helpful if the interop participants could keep their  
>>> eyes  open for implementation attributes that are key/useful for   
>>> establishing interoperability. Where it makes since I would like  to  
>>> incorporate these into the PDP meta schema.
>>> I am currently working on meta info re: Attribute calculation,  
>>> XACML  version and Obligation support.
>>> thanks
>>> b
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: xacml-demo-tech-unsubscribe@lists.oasis- 
>>> open.org
>>> For additional commands, e-mail: xacml-demo-tech-help@lists.oasis- 
>>> open.org
>>
>>
>> -- 
>> Anne H. Anderson             Email: Anne.Anderson@Sun.COM
>> Sun Microsystems Laboratories
>> 1 Network Drive,UBUR02-311     Tel: 781/442-0928
>> Burlington, MA 01803-0902 USA  Fax: 781/442-1692
> 
> 

-- 
Anne H. Anderson             Email: Anne.Anderson@Sun.COM
Sun Microsystems Laboratories
1 Network Drive,UBUR02-311     Tel: 781/442-0928
Burlington, MA 01803-0902 USA  Fax: 781/442-1692

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]