OASIS eXtensible Access Control Markup Language (XACML) TC

 View Only

RE: [xacml] Questions on "Introducing attribute categories"

  • 1.  RE: [xacml] Questions on "Introducing attribute categories"

    Posted 03-16-2006 18:49
     MHonArc v2.5.0b2 -->
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    

    xacml message

    [Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


    Subject: RE: [xacml] Questions on "Introducing attribute categories"


    1. Yes, this is for multiple resources profile.
    2. I thought that the main use case is for a resource being a general
    XML document - we also refer to this in hierarchical resources profile.
    It seems to me that this is a use case that is quite distinct.  
    
    As far as specifying it as an attribute value - interesting - but for
    the rest of attributes we usually do have an atomic data type defined,
    while this is complex content.  How would you refer to its data type in
    the designator?  
    
    P.S. My personal preference is for this to be defined as a completely
    separate piece:  you have a request document specifying attributes to be
    retrieved by an attribute designator, and you provide an arbitrary XML
    document separately that is the base for attribute selector.   That gets
    rid of "any" content, also makes strong typing for this XML context
    evidence easier to define. 
    
    I do not have a strong opinion on this issue though - let's keep it open
    until we are ready to edit the hierarchical resources profile.
    
    Daniel;