Ray & Danny, I can't find any explicit statement about the uniqueness of RuleID, but there is a pragmatic requirement in that the <RuleCombinerParameters> element references a rule. RuleIDs have to at least be unique within a policy so that the rule references in <RuleCombinerParameters> elements are unambiguous. Of course there are no standardized rule combining algorithms that use parameters, so this is a weak requirement. Or it might be no requirement at all. I notice that <PolicyCombinerParameters> and <PolicySetCombinerParameters> reference a PolicyId or a PolicySetId without a version. Since the consensus seems to be that only the combination of Id and version should be unique, it is possible that <PolicyCombinerParameters> and <PolicySetCombinerParameters> can have ambiguous references. It would only happen if different versions of the same policy (set) were children of the same parent policy set, which is odd, but I don't see anything that rules it out. The wording of the core spec suggests that ambiguous references are unintended. Steven On 16/10/2013 4:12 AM, Danny Thorpe wrote: RuleId only has to be unique within its containing policy. Reason: Rules can’t be referenced outside of their policy. -Danny *Danny Thorpe * Authorization Architect *Dell* Identity & Access Management, Quest Software Quest Software is now part of Dell. *From:*
xacml@lists.oasis-open.org [ mailto:
xacml@lists.oasis-open.org ] *On Behalf Of *Sinnema, Remon *Sent:* Monday, October 14, 2013 11:09 PM *To:*
xacml@lists.oasis-open.org *Subject:* [xacml] RuleID All, Is RuleID supposed to be globally unique, or only unique within a policy? I couldn’t find a statement about that in the core spec. Thanks, Ray