OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [xacml] Groups - xacml-profile-saml2.0-v2-wd-6.zip uploaded


I just posted an updated SAML profile with all the fixes to the SAML 
profile we have discussed recently.

One thing worth noting is that when we discussed the issue of policy 
references and supplied policies, we were only considering the case when 
policies are provided with an Authz Query. But there is also the issue 
of policy references in the policies in an XACML policy assertion in 

I think that it really depends on what the policy assertion is used for 
how one wants to resolve policy references. So I have added this to the 
policy assertion section:

5.7 Policy references and Policy assertions

It may be noted that in relation to a policy assertion, there are three 
broad classes of policies to consider when resolving policy references: 
the top level policy in the policy assertion, the policies in the 
<xacml-samlp:ReferencedPolicies> element and policies external to the 
policy assertion, available to a PDP by other means. How policy 
references are resolved across these three classes of policies depends 
on the particular case and problem for which the policy assertion is 
used. Therefore policy reference resolving is implementation defined 
with respect to policy assertions.

Best regards,

erik@axiomatics.com wrote:
> See separate email for notes.
>  -- Erik Rissanen
> The document named xacml-profile-saml2.0-v2-wd-6.zip has been submitted by
> Erik Rissanen to the OASIS eXtensible Access Control Markup Language
> (XACML) TC document repository.
> Document Description:
> View Document Details:
> http://www.oasis-open.org/committees/document.php?document_id=31465
> Download Document:  
> http://www.oasis-open.org/committees/download.php/31465/xacml-profile-saml2.0-v2-wd-6.zip
> PLEASE NOTE:  If the above links do not work for you, your email application
> may be breaking the link into two pieces.  You may be able to copy and paste
> the entire link address into the address field of your web browser.
> -OASIS Open Administration

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]