OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [xacml] RE: REST API follow up

My opinion on this is that the core specification clearly states what to do when a PolicyIdReference or PolicySetIdReference can't be resolved:

Let clients of the PAP upload policies as they see fit, and let the runtime resolve the references and return Indeterminate if the references can't be resolved.


craig forster | technical lead, tivoli security policy manager

Inactive hide details for ---05/31/2012 05:54:49 PM---Danny, From: xacml@lists.oasis-open.org [mailto:xacml@lists.oasis-open.or---05/31/2012 05:54:49 PM---Danny, From: xacml@lists.oasis-open.org [mailto:xacml@lists.oasis-open.org] On Behalf Of Danny Thorp








05/31/2012 05:54 PM


[xacml] RE: REST API follow up

Sent by:



From: xacml@lists.oasis-open.org [
mailto:xacml@lists.oasis-open.org] On Behalf Of Danny Thorpe
Sent: Thursday, May 31, 2012 9:02 PM
To: xacml@lists.oasis-open.org; Sinnema, Remon
Subject: [xacml] REST API follow up

> The only unresolved discussion point in my mind is the matter of whether policy references must be fully resolvable
> when a policy revision is POSTed to the server. I believe the current proposal states that all policy references must
> be resolvable and validated or the server must reject the post.  I understand the Admin profile requires "late bound"
> policy references which may only be resolvable in the context of a particular auth request.

I've added a section about different types of PAPs and how they may respond differently. That should make the server's behavior sufficiently underspecified to allow for both scenarios, while still providing useful interop possibilities. Let me know what you think.


To unsubscribe, e-mail: xacml-unsubscribe@lists.oasis-open.org
For additional commands, e-mail: xacml-help@lists.oasis-open.org

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]