OASIS eXtensible Access Control Markup Language (XACML) TC

CD-1 issue #26: indeterminate in EntireHierarchy

    Posted 09-11-2009 13:20
    The issue number refers to the XLS-sheet found in this email:
    http://lists.oasis-open.org/archives/xacml/200909/msg00013.html
    
    The commenter is unsure about what happens if one of the results in an 
    "EntireHierarchy" request evaluates to Indeterminate.
    
    However, the profile is clear. It says that only if all individual 
    requests evaluate to Permit, then the end result is "Deny".
    
    However, when I see this, I think it would be better if the result would 
    be Indeterminate if there is at least one indeterminate. It would be 
    good that the PEP can see the error.
    
    So I propose that we change this section so it says that if there is at 
    least one Indeterminate, then the end result is Indeterminate.
    
    Best regards,
    Erik