[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xacml] wd-20 issues (mostly typos)
Thanks Remon,
See inline.
On 2011-06-16 15:01, remon.sinnema@emc.com wrote:
> 7.19.3 Missing attributes
> "If, in this case, and a status code is supplied, then the value"
> - Remove "and".
Agreed.
> A.2 Data-types
> "XPath expression
> The "urn:oasis:names:tc:xacml:3.0:data-type:xpathExpression" primitive type represents an XPath expression selects over the XML in a<Content> element."
> - Remove "selects"?
I would add "which", so it says "... which selects ..."
> A.3.10 Bag functions
> "urn:oasis:names:tc:xacml:x.x:function:type-one-and-only
> This function SHALL take a bag of 'type' values as an argument and SHALL return a value of '-type'."
> - "'-type'" should be "'type'".
Agreed.
> "urn:oasis:names:tc:xacml:x.x:function:type-is-in
> This function SHALL take an argument of 'type' as the first argument and a bag of type values"
> - Second "type" should be "'type'".
>
Agreed.
> A.3.12 Higher-order bag functions
> "urn:oasis:names:tc:xacml:1.0:function:all-of
> This function applies a Boolean function between a specific primitive values"
> - "values" should be "value"
>
Agreed.
> "urn:oasis:names:tc:xacml:1.0:function:all-of-any
> This function applies a Boolean function between the elements of two bags. The expression SHALL be "True" if and only if the supplied predicate is 'True'"
> - Last "True" should be wrapped in double quotes, not single.
Will fix.
> "urn:oasis:names:tc:xacml:1.0:function:any-of-all
> The expression SHALL be evaluated as if the "rn:oasis:names:tc:xacml:1.0:function:any-of""
> - URI should start with "urn:", not "rn:"
>
Yes.
> B.4 Subject attributes
> "urn:oasis:names:tc:xacml:1.0:subject:authn-locality:ip-address
> The corresponding attribute SHALL be of data-type "http://www.w3.org/2001/XMLSchema#string";.
>
> urn:oasis:names:tc:xacml:1.0:subject:authn-locality:dns-name
> The corresponding attribute SHALL be of data-type "http://www.w3.org/2001/XMLSchema#string".";
> - Why aren't these of types urn:oasis:names:tc:xacml:2.0:data-type:ipAddress and urn:oasis:names:tc:xacml:2.0:data-type:dnsName?
>
Good question. Probably because the identifiers are 1.0 and the data
type is 2.0, and they did not want to change the meaning of the
identifier in 2.0. I guess we could either
- Rename the attribute identifier 2.0, or
- Overload/change the meaning of the attribute identifier to use the new
types.
I guess I prefer the former choice.
> C.1 Extended Indeterminate values
> "The output of a combining algorithm which does not track the extended set of "Indeterminate" values MUST be treated as "Indeterminate{DP}""
> - Only if the output is Indeterminate.
>
Yes. :-)
> C.4 Permit-overrides
> "5. Otherwise, if decision is "Deny", the result is "Deny"."
> - "if decision" should be "if any decision".
Yes.
> C.6 Deny-unless-permit
> "The decisions may be processed in any order, so the set of obligations provided by this algorithm is not deterministic."
> - And advice.
Agreed.
> C.10 Legacy Deny-overrides
> "for( i=0 ; i< lengthOf(ruless) ; i++ )"
> - "ruless" should be "rules"
Yes.
Thanks,
Erik
> Thanks,
> Ray
>
>
> ---------------------------------------------------------------------
> To unsubscribe from this mail list, you must leave the OASIS TC that
> generates this mail. Follow this link to all your TCs in OASIS at:
> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]