OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [xacml] The trusted issuer


This is just an email to defer the discussion of this issue to the next 

Also, add to the discussion the option to always require an issuer, that 
is policies without issuers are not allowed at all in 3.0.


Erik Rissanen wrote:
> All,
> I propose that we drop the explicit identifiers for the trusted issuer 
> in the delegation draft. (Section 5.4 in the delegation profile 
> working draft 17.)
> The reason for introducing the explicit trusted issuer was that 
> someone in some discussion was concerned that it is easy to make a 
> mistake by forgetting to include the issuer.
> But for reasons of backwards compatibility we want a policy without an 
> issuer to be considered trusted anyway. With this, I don't see much 
> point in having the explicit trusted issuer in there. It just makes 
> things more complex. Both for the spec and for code which has to deal 
> with more special cases.
> Regards,
> Erik

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]