In the SAML 2.0 Profile of XACML 2.0 OASIS Standard, an
XACMLPolicyStatementType is used in response to an XACMLPolicyQuery,
where policies are requested by PolicySetIdReference and
PolicyIdReference. The XACMLPolicyStatementType includes the requested
policies directly as Policy and PolicySet elements, with no indication
as to which reference ID each satisfies.
Should Version 2 of this profile, being worked on for XACML 3.0, revise
this type to enclose each Policy and PolicySet with an element having an
XML attribute to indicate the policy's ID? There is a type for such an
enclosing element defined in WD3 for use in an XACMLAuthzDecisionQuery,
and it could be reused here. For backwards compatibility, we could
retain the direct Policy and PolicySet elements.
I have made this addition in WD3 of Version 2 of the SAML Profile
CHAMPION: Anne
Status: PENDING REVIEW Change is in WD 3
--
Anne H. Anderson Anne.Anderson@sun.com
Sun Microsystems Labs 1-781-442-0928
Burlington, MA USA