OASIS eXtensible Access Control Markup Language (XACML) TC

 View Only

Issue#70: SAML Profile: IDs for policies in XACMLPolicyStatementType

  • 1.  Issue#70: SAML Profile: IDs for policies in XACMLPolicyStatementType

    Posted 03-06-2007 14:35
    In the SAML 2.0 Profile of XACML 2.0 OASIS Standard, an 
    XACMLPolicyStatementType is used in response to an XACMLPolicyQuery, 
    where policies are requested by PolicySetIdReference and 
    PolicyIdReference. The XACMLPolicyStatementType includes the requested 
    policies directly as Policy and PolicySet elements, with no indication 
    as to which reference ID each satisfies.
    
    Should Version 2 of this profile, being worked on for XACML 3.0, revise 
    this type to enclose each Policy and PolicySet with an element having an 
    XML attribute to indicate the policy's ID? There is a type for such an 
    enclosing element defined in WD3 for use in an XACMLAuthzDecisionQuery, 
    and it could be reused here. For backwards compatibility, we could 
    retain the direct Policy and PolicySet elements.
    
    I have made this addition in WD3 of Version 2 of the SAML Profile
    
    CHAMPION: Anne
    
    Status: PENDING REVIEW Change is in WD 3
    -- 
    Anne H. Anderson               Anne.Anderson@sun.com
    Sun Microsystems Labs          1-781-442-0928
    Burlington, MA USA