OASIS eXtensible Access Control Markup Language (XACML) TC

 View Only
  • 1.  XACML Charter Scope

    Posted 05-21-2001 19:44
    I observed on the concall today that the proposed charter says the purpose is to define a core schema and corresponding namespace. I said that this alone did not seem to me to be sufficient to allow interoperable implementations to be developed without some statement about how documents defined by this schema might be exchanged. On reflection, I concede that for some applications it would probably suffice to say that the document would be generated as a disk file and exchanged by any method of choice. However, it is possible that the TC wishes to go further. If XACML messages are intended to be associated with control of access to portions of XML documents, it seems it would be useful to describe how they would be contained in or bound to the document to which they refer. If XACML is to be used to provision an access control system, then a protocol for requesting and receiving messages might be useful. Increasing the scope in this way would in no way commit us to inventing these mechanisms from scratch. It would be sufficient to reference a suitable standard developed elsewhere. Hal