I like this. -Anne On 6 May, Polar Humenn writes: [xacml] A proposal for Context > From: Polar Humenn <
polar@syr.edu> > To: XACML <
xacml@lists.oasis-open.org> > Subject: [xacml] A proposal for Context > Date: Mon, 06 May 2002 10:54:22 -0400 (EDT) > > > I have a small proposal on Simon's context. > > 1. We do not call the "subject" of the AuthorizationQuery the "Requestor". > > The "subject" of the authorization query is merely the subject, it is > not really requesting anything. I don't hold really hold to the idea > that the subject always "requesting access". > > I'd rather see the subject of the request be a structured principal, at > first, just one level, but later be able to be extended for more complex > principals. > > <x:Principal> > <x:NameIdentifier>....</x:NameIdentifier> > </xPrincipal> > > <x:SimplePrincipal> > <x:NameIdentifier>....</x:NameIdentifier> > <x:AlternateNames> > <x:NameIdentifier>...<x:NameIdentifer> > </x:AlternateNames> > </x:SimplePrincipal> > > > and later on extend Principal to be Complex Principal, such as > > <x:ForPrincipal> > <x:Speaking> > <x:SimplePrincipal>....</x:SimplePrinipal> > </x:Speacking> > <x:SpeakingFor> > <x:SimplePrincipal>....</x:SimplePrinipal> > </x:SpeackingFor> > </x:ForPrincipal> > > Cheers, > -Polar > > > ---------------------------------------------------------------- > To subscribe or unsubscribe from this elist use the subscription > manager: <
http://lists.oasis-open.org/ob/adm.pl > > -- Anne H. Anderson Email:
Anne.Anderson@Sun.COM Sun Microsystems Laboratories 1 Network Drive,UBUR02-311 Tel: 781/442-0928 Burlington, MA 01803-0902 USA Fax: 781/442-1692