[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xacml] Inconsistency in obligation enforcement
This change is in alignment with my recollection of the discussions on Obligations when bias was introduced. thanks b On Nov 16, 2009, at 4:42 AM, Erik Rissanen wrote: > All, > > While cleaning up the use of obligation/advice/expression in the core spec, I noticed that there is an inconsistency regarding enforcement of obligations. Section 5.1, line 1703 says: > > "If the PEP does not understand, or cannot fulfill, any of the obligations, then it MUST act as if the PDP had returned a “Deny” authorization decision value. See Section 7.16." > > This contradicts section 7.2 which defines PEP bias. Since I think there was agreement in the past that we want to let the PEP bias determine what happens in case of failed obligations, I am editing in the following change: > > "If the PEP does not understand, or cannot fulfill, any of the obligations, then it MUST act according to the PEP bias. See Section 7.2 and 7.16." > > Please let me know if you are not in agreement. > > Best regards, > Erik > > > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]