Hal,
As discussed on Mar 1 conference call, we are interested in the creation of
a language-specific authorization API that could interact with a XACML
PDP. We can work
out the exact forum where this work should take place, certainly the
XACML TC
is a reasonable choice. We should probably have a broader discussion in
this space, including
for example, the possibility of an open source implementation.
Regarding the issue of optimization via the return of generalized
results from a PDP, while this could be
left at the vendor level, it may be be helpful to provide a profile that
articulates some of the
issues here.
- prateek
> Prateek asked:
>
> (2) Is there a performant PEP--> PDP protocol?
>
> The main challenge here is performance
>
> Some applications need to make 100s of authorization decisions with low
> latency requirement
>
> It may not be acceptable to make a network call for each authorization
> decision
>
> XML Marshalling and unmarshalling of