OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Revised proposal for issue #11, using XPath/URI path expressions


To TC:

As described in previous email:
    http://lists.oasis-open.org/archives/xacml/200911/msg00042.html
I have revised the original proposal submitted for issue 11.

This proposal is intended to address the same problems as the previous proposal, and it also provides a format which can potentially be used to address the resource-id naming issue raised by Paul Tyson:
    http://lists.oasis-open.org/archives/xacml/200911/msg00032.html

A summary of expected benefits from this proposal includes the following:
  • The proposal provides an automatic naming method for any node in an XML document, in the form of an XPath path expression, that may also be used to retrieve the actual node identified.
  • The proposal shows how to map this expression into standard URI format by percent encoding each XPath step component that follows a URI fragment slash "/".
  • An XPath step in the proposal is represented by the concatenation of 3 strings as a local-name plus two optional predicates, each of which is immediately determinable when in the XPath context of the document using standard XPath functions: local-name(), namespace-uri(), and position() and the full set of steps in the expression can be used to obtain the single node addressed from any XPath context because the path is absolute.
  • The unencoded XPath path expression can be used as the identity of a node in an XML document as described in section 2.1 of the hierarchical profile.
  • The unencoded XPath expression can be used as the resource-id as described in section 2.2.3 of the Multiple Resource Profile.
  • The XPath path expression can be used with or without the associated XML document. i.e. the expression serves as BOTH an executable expression that can be applied to an XML document AND a literal identifier that can be used by regular expression matching type operations.
  • Percent-encoding of the XPath path expression is only required when the expression is used as an actual URI, such as when extending the URI mechanism into XML documents to identify entities within the document, or when used as an identifier that requires URI syntax such as an XML AttributeId attribute.
  • In general, because the XPath path expression can operate as a literal identifier, it enables policies to be written against resources within XML documents which enable policy evaluation before the document is accessed.
I will try to prepare a slide presentation prior to the F2F. In the meantime, hopefully, the information is intended to be self-explanatory.

Comments and suggestions welcome.

    Thanks,
    Rich

xacml-3.0-hierarchical-v1-spec-cd-1-en-rich-uri-xml-3b.doc



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]