[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xacml] Draft BTG Profile
Hi Ludwig On 26/11/2010 08:53, Ludwig Seitz wrote: > On Thu, 2010-11-25 at 17:57 +0000, David Chadwick wrote: >> I dont see the difference between standardising a status code in a >> profile and standardising an Advice in a profile, except for one thing >> > > There is another: > > To standardize an Advice Id you don't need to change the core XACML > standard. To standardize a new status code you need to change the > standard. This is because the full list of codes are listed in Section B.9 (or B.8), yes? But what is the standard defined behaviour for a PEP that receives an unknown status code? Is this documented anywhere? Probably not. Will they crash? Or will they ignore it? Most likely the latter. So if a profile defines a new status code, whilst from a pure-ist point of view this should be in the base standard and not in a profile, because the standard does not allow extensibility of this feature, in practical terms it wont actually cause any problems to implementations will it? I can accept that Advice is the Correct thing to do for v3, but what is the correct solution for v2? regards David > >> Advice is not available to XACMLv2 implementations > > Since your approach necessitates a change in core standard, backwards > compatibility is gone either way, so I don't see a big drawback with > using v3 specific stuff (and not changing the core v3 standard). > > /Ludwig > -- ***************************************************************** David W. Chadwick, BSc PhD Professor of Information Systems Security School of Computing, University of Kent, Canterbury, CT2 7NF Skype Name: davidwchadwick Tel: +44 1227 82 3221 Fax +44 1227 762 811 Mobile: +44 77 96 44 7184 Email: D.W.Chadwick@kent.ac.uk Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html Research Web site: http://www.cs.kent.ac.uk/research/groups/iss/index.html Entrust key validation string: MLJ9-DU5T-HV8J PGP Key ID is 0xBC238DE5 *****************************************************************
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]