Ok, I didn't realize that Abstract text was a regression. Agree that previous text should be. As to the naming, I understand the principle behind it, I just think overloading the term core is unfortunate. That said, this is something I should have raised more forcefully when it was originally proposed. Since we are going forward with the review I have no interest in impeding that over this. Cheers b On Aug 7, 2014, at 11:02 PM, rich levinson <
rich.levinson@oracle.com > wrote: Hi Bill, I agree that the Abstract should be fixed, but I suggest using the abstract from CS01, which also includes the reason for the name of the profile:
http://docs.oasis-open.org/xacml/3.0/xacml-3.0-rbac-v1-spec-cs-01-en.pdf Abstract: This specification defines a profile for the use of XACML in expressing policies that use role based access control (RBAC). It extends the XACML Profile for RBAC Version 1.0 to include a recommended AttributeId for roles, but reduces the scope to address only “core” and “hierarchical” RBAC. This specification has also been updated to apply to XACML 3.0. i.e. in order to change the name the abstract would have to be changed to provide notice that only part of RBAC is supported, namely the core and hierarchical parts. So, I think it is less confusing for readers who are new to the profile and probably familiar w RBAC, to leave it as is, so they are immediately notified by the title that only the specified subset is supported. I think it is only people familiar w xacml specs that might be confused by the title, but they should quickly discover that there is a good reason for the title. In addition, the notions of core RBAC and hierarchical RBAC are woven thru-out the text and if these terms were not in the title, abstract, then there would need to be some significant up-front intro to these concepts, and explanation that they are the ONLY part of RBAC that is supported. w/o such an intro, where they are introduced in section 4 would seem to be popping up out of the blue, imo. This all happened long before my time on the TC, but I have found that almost all of the work done on the early versions of the specs (and the current versions as well for that matter) was well thought out and that there are solid reasons for a lot of things that may not be obvious when first encountered. Therefore I am generally skeptical about proposed changes that are intended to simplify that which may have good reason to be more complicated than one might at first think. Thanks, Rich On 8/7/2014 9:33 PM, Bill Parducci wrote: I just realized the Abstract in the latest Working Draft of the RBAC Profile has the template text in it. I personally consider fixing this to be non-material, but if there is concern that it is not then please let me know so that I can notify TC Admin. I suggest the default text be replaced with Profile for the use of XACML to be used for Role Based Access Control. If we do pull it back, then I would like to revisit the name. I think having Core in the title can be confusing. thanks b --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. Follow this link to all your TCs in OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php -- Thanks, Rich <oracle_sig_logo.gif> Rich Levinson Internet Standards Security Architect Mobile: +1 978 5055017 Oracle Identity Management 45 Network Drive Burlington, Massachusetts 01803 <green-for-email-sig_0.gif> Oracle is committed to developing practices and products that help protect the environment