This change is in alignment with my recollection of the discussions on Obligations when bias was introduced.
thanks
b
On Nov 16, 2009, at 4:42 AM, Erik Rissanen wrote:
> All,
>
> While cleaning up the use of obligation/advice/expression in the core spec, I noticed that there is an inconsistency regarding enforcement of obligations. Section 5.1, line 1703 says:
>
> "If the PEP does not understand, or cannot fulfill, any of the obligations, then it MUST act as if the PDP had returned a “Deny” authorization decision value. See Section 7.16."
>
> This contradicts section 7.2 which defines PEP bias. Since I think there was agreement in the past that we want to let the PEP bias determine what happens in case of failed obligations, I am editing in the following change:
>
> "If the PEP does not understand, or cannot fulfill, any of the obligations, then it MUST act according to the PEP bias. See Section 7.2 and 7.16."
>
> Please let me know if you are not in agreement.
>
> Best regards,
> Erik
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe from this mail list, you must leave the OASIS TC that
> generates this mail. Follow this link to all your TCs in OASIS at:
> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
>