The specification does not say that the PDP generates the actual Response sent back to the PEP. The specification says that the Context Handler is responsible for translating the input format into an internal representation consistent with a Request, and for translating the Response output into the format expected by the PEP. I think in this case the ContextHandler will be responsible for generating the Response with Indeterminate and syntax-error as the Value for the Status Code. Anne On 4 December, Polar Humenn writes: Re: [xacml] IIC012: syntax-error or processing-error? > From: Polar Humenn <
polar@syr.edu> > To: Anne Anderson <
Anne.Anderson@sun.com> > Subject: Re: [xacml] IIC012: syntax-error or processing-error? > Date: Wed, 4 Dec 2002 09:34:50 -0500 (EST) > > > What I am worried about is the implication is that all PDPs must return an > Indeterminate with a status code of syntax-error if asked to evaluate this > policy to be compliant with the standard. > > You can't configure my PDP with a badly formed policy, so there is no hope > in god's country of it even passing this conformance test! > > Maybe there should be two sets of conformance tests. One set for testing > acceptance of well and badly formed policies, and the other set for the > evaluation of well formed Request Contexts and Policies. > > -Polar > > > On Wed, 4 Dec 2002, Anne Anderson wrote: > > > Well, we are required to return a Status Code, and we have a > > Status Code called "syntax-error", which certainly does not imply > > that the policy was evaluated. I think this exactly fits what > > you want to convey. > > > > Anne > > > > On 4 December, Polar Humenn writes: Re: [xacml] IIC012: syntax-error or processing-error? > > > From: Polar Humenn <
polar@syr.edu> > > > To: Anne Anderson <
Anne.Anderson@sun.com> > > > Subject: Re: [xacml] IIC012: syntax-error or processing-error? > > > Date: Wed, 4 Dec 2002 09:06:35 -0500 (EST) > > > > > > > > > This is the same problem as D024. This policy is not well formed. It is > > > type incorrect. There should be no status code, because it should not even > > > be hinted at that it should be evaluated. > > > > > > Cheers, > > > -Polar > > > > > > On Wed, 4 Dec 2002, Anne Anderson wrote: > > > > > > > Conformance Test IIC012 is intended to test for the error case in > > > > which a Condition FunctionId uses a function that does not return > > > > a Boolean result. The <Condition is: > > > > > > > > <Condition FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-subtract"> > > > > <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only"> > > > > <SubjectAttributeDesignator > > > > AttributeId="urn:oasis:names:tc:xacml:1.0:conformance-test:age" > > > > DataType="
http://www.w3.org/2001/XMLSchema#integer"/ > > > > > </Apply> > > > > <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only"> > > > > <EnvironmentAttributeDesignator > > > > AttributeId="urn:oasis:names:tc:xacml:1.0:conformance-test:bart-simpson-age" > > > > DataType="
http://www.w3.org/2001/XMLSchema#integer"/ > > > > > </Apply> > > > > </Condition> > > > > > > > > Question: should the StatusCode Value from evaluating this Policy > > > > be "urn:...:status:syntax-error" (since it is a type error), or > > > > "urn:...:status:processing-error"? > > > > > > > > I'm leaning toward syntax-error. What do others think? > > > > > > > > Anne > > > > -- > > > > Anne H. Anderson Email:
Anne.Anderson@Sun.COM > > > > Sun Microsystems Laboratories > > > > 1 Network Drive,UBUR02-311 Tel: 781/442-0928 > > > > Burlington, MA 01803-0902 USA Fax: 781/442-1692 > > > > > > > > > > > > ---------------------------------------------------------------- > > > > To subscribe or unsubscribe from this elist use the subscription > > > > manager: <
http://lists.oasis-open.org/ob/adm.pl > > > > > > > > > > > > > > > -- > > Anne H. Anderson Email:
Anne.Anderson@Sun.COM > > Sun Microsystems Laboratories > > 1 Network Drive,UBUR02-311 Tel: 781/442-0928 > > Burlington, MA 01803-0902 USA Fax: 781/442-1692 > > > > > > ---------------------------------------------------------------- > > To subscribe or unsubscribe from this elist use the subscription > > manager: <
http://lists.oasis-open.org/ob/adm.pl > > > > > -- Anne H. Anderson Email:
Anne.Anderson@Sun.COM Sun Microsystems Laboratories 1 Network Drive,UBUR02-311 Tel: 781/442-0928 Burlington, MA 01803-0902 USA Fax: 781/442-1692