MHonArc v2.5.0b2 -->
xacml message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Re: [xacml] Inputs to rfc822Name-match
On 12 May, Tim Moses writes: [xacml] Inputs to rfc822Name-match
> Colleagues - How do people feel about making both inputs to the
> rfc822Name-match function of type rfc822Name (just as both inputs to the
> x500Name-match function are of type x500Name)?
>
> I am not certain whether all valid values for the first parameter to the
> function are strictly names, as defined by RFC 822. Nevertheless, I see
> advantages in considering them legal values according to the
> urn:oasis:names:tc:xacml:2.0:data-type:rfc822Name definition.
That is the problem: values that you want in the first parameter
are not all valid RFC 822 names if you allow "*" or names with
only a domain component. This was an issue in PKIX
NameConstraints, as I recall.
Anne
--
Anne H. Anderson Email: Anne.Anderson@Sun.COM
Sun Microsystems Laboratories
1 Network Drive,UBUR02-311 Tel: 781/442-0928
Burlington, MA 01803-0902 USA Fax: 781/442-1692
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]