[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: PDP Issuers re: REST Profile working draft 05
I will comment on the PDP issues here and the PAP issues separately. My two original comments have not been addressed. Use of <Request> element vs. the <XACMLAuthzDecisionQuery> element. Request/response correlation. I propose the following solutions. State explicitly that the XACML request type can include either <Request> for XACML core or <XACMLAuthzDecisionQuery> from the SAML Profile. Include normative references to each and state that the processing and response must be as specified in the respective specification. State that when <Request> is used, the additional functionality is not available. State that when <XACMLAuthzDecisionQuery> is used, requests and responses can be correlated using Request Id and InResponseTo. State that when <Request> is used the PEP must not send a request until the response from a previous response has been received. Hal From: Remon Sinnema [mailto:remon.sinnema@emc.com] Submitter's message
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]