OASIS eXtensible Access Control Markup Language (XACML) TC

Re: [xacml] another small time/date issue

  • 1.  Re: [xacml] another small time/date issue

    Posted 08-14-2003 18:22
     MHonArc v2.5.0b2 -->
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    

    xacml message

    [Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


    Subject: Re: [xacml] another small time/date issue


    unless i read this incorrectly it seems that these are not mutually 
    exclusive positions: a request goes to a single PDP whereby information 
    may be added/enhanced for downstream decision requests. in this 
    scenario, attributes may be change in the life span of an aggregate of 
    decisions, but they remain 'explicit' (static) for each decision context.
    
    true, this may lend itself to unanticipated decisions in the macro 
    sense, but each localized decison--that which i believe XACML is 
    intended to cover--will resolve deterministically.
    
    b
    
    Daniel Engovatov wrote:
    > It may.  But do we really want to specify exactly how it is done without
    > unduly restricting architecture of implementations?  
    > I thought it would be beneficial for an authorization language standard
    > to stay out of data flow management and operational behavior as much as
    > possible.  We specify how to deal with attributes that are explicitly
    > provided in a request, but anything concerning PIP sources of
    > information was intentionally left undefined, as far as I remember.  
    > 
    > Daniel.
    > 
    >