To TC:
As described in previous email:
http://lists.oasis-open.org/archives/xacml/200911/msg00042.html
I have revised the original proposal submitted for issue 11.
This proposal is intended to address the same problems as the previous
proposal, and it also provides a format which can potentially be used
to address the resource-id naming issue raised by Paul Tyson:
http://lists.oasis-open.org/archives/xacml/200911/msg00032.html
A summary of expected benefits from this proposal includes the
following:
- The proposal provides an automatic naming method for any node in
an XML document, in the form of an XPath path expression, that may also
be used to retrieve the actual node identified.
- The proposal shows how to map this expression into standard URI
format by percent encoding each XPath step component that follows a URI
fragment slash "/".
- An XPath step in the proposal is represented by the concatenation
of 3 strings as a local-name plus two optional predicates, each of
which is immediately determinable when in the XPath context of the
document using standard XPath functions: local-name(), namespace-uri(),
and position() and the full set of steps in the expression can be used
to obtain the single node addressed from any XPath context because the
path is absolute.
- The unencoded XPath path expression can be used as the identity
of a node in an XML document as described in section 2.1 of the
hierarchical profile.
- The unencoded XPath expression can be used as the resource-id as
described in section 2.2.3 of the Multiple Resource Profile.
- The XPath path expression can be used with or without the
associated XML document. i.e. the expression serves as BOTH an
executable expression that can be applied to an XML document AND a
literal identifier that can be used by regular expression matching type
operations.
- Percent-encoding of the XPath path expression is only required
when the expression is used as an actual URI, such as when extending
the URI mechanism into XML documents to identify entities within the
document, or when used as an identifier that requires URI syntax such
as an XML AttributeId attribute.
- In general, because the XPath path expression can operate as a
literal identifier, it enables policies to be written against resources
within XML documents which enable policy evaluation before the document
is accessed.
I will try to prepare a slide presentation prior to the F2F. In the
meantime, hopefully, the information is intended to be self-explanatory.
Comments and suggestions welcome.
Thanks,
Rich
|