[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Comments on cd-1 core-spec
Hi all, here are a few nit-picks on the cd-1 core-spec. I'll send more as I proceed reading: page 12, Glossary, definition of "Context handler" I think we need to explain the differences to a PEP here. They actually get explained later, but someone checking the glossary will wonder why the TC introduced this extra entity. page 13, Glossary, definition of "PIP" Shouldn't we also have the "This term is defined in a joint effort by the IETF ..." text here, like in the definitions for PEP and PDP? page 15, section 1.3 Schema organization and namespaces Shouldn't the namespace end with 'cd-1' instead of 'wd-11'? page 29, section 4.1.1 Example policy line [a3] Shouldn't we use the official current XACML v3.0 namespace? "urn:oasis:names:tc:xacml:3.0:core:schema:cd-1" And the one that is most important to me: xacml-core-v3-schema-cd-1.xsd, lines 367-368 The intention, as far as I interpret it was to let a policy have one or more of the elements {Rule, VariableDefinition, CombinerParameters, RuleCombinerParameters}. However the addition of 'minOccurs="0"' to both CombinerParameters and RuleCombinerParameters allows to create a schema valid policy that has none of the elements above. I think a policy without a rule utterly meaningless (or am I overlooking something here?) and the schema should not permit it. I suggest we remove the 'minOccurs="0"' from both CombinerParamters and RuleCombinerParameters). Regards, Ludwig -- Ludwig Seitz, PhD | Axiomatics AB Training & Development | Electrum 223 Phone: +46 (0)703 83 08 00 | S-164 40 Kista, Sweden Mail: ludwig@axiomatics.com |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]