On 11 March, Tim Moses writes: [xacml] WSPL - XACML gap analysis
> Colleagues - Here is an initial stab at a gap analysis. I compare XACML
> v1.0 with the requirements listed here ...
>
> http://lists.oasis-open.org/archives/xacml/200303/msg00014.html
>
> Category 1 (Satisfied and adequately explained in XACML v1.0): R1, R4, R5,
> R6, R7, R13, R14, R15, R16.
>
> Category 2 (Satisfied in XACML v1.0, but fuller explanation required): R2,
> R3, R8 (use <Target> element), R11.
>
> Category 3 (Needs features not found in XACML v1.0):
>
> R9 - WSS-QoP describes how to reference policy from WSDL and SOAP.
> R10 - Needs the reintroduction of orderedOr and orderedAnd functions with an
> explanation of their semantics.
> R12 - Needs a way to reference the result of an operation.
>
> R2 and R3, I think, are the most substantial pieces of work.
>
> Any comments? All the best. Tim.
Tim, once again, thanks for doing this work. I agree that R2 and
R3 are the most substantial pieces of work.
For R4 and R6, we MAY need to add data-types and associated
functions specific to DSIG/DENC info (ways to compare
cryptographic algorithm specifications along with their
parameters).
Are there other types of information that will be common in
crypto-security policy, authentication policy, reliable-messaging
policy, or transaction policy for which it would be helpful to
specify new data types and operations?
Anne
--
Anne H. Anderson Email: Anne.Anderson@Sun.COM
Sun Microsystems Laboratories
1 Network Drive,UBUR02-311 Tel: 781/442-0928
Burlington, MA 01803-0902 USA Fax: 781/442-1692
----------------------------------------------------------------
To subscribe or unsubscribe from this elist use the subscription
manager: <http://lists.oasis-open.org/ob/adm.pl>
����
����