OASIS eXtensible Access Control Markup Language (XACML) TC

Re: [xacml] Errata: missing duration functions

  • 1.  Re: [xacml] Errata: missing duration functions

    Posted 05-30-2003 18:09
    Since Seth has pointed out a workaround, I would like to withdraw
    my proposal for XACML 1.1 and add it to the list of enhancements
    for the subsequent XACML release.  It is late in the game for 1.1
    to be adding functionality that is not absolutely necessary.
    On 30 May, Seth Proctor writes: Re: [xacml] Errata: missing duration functions
     > From: Seth Proctor <Seth.Proctor@sun.com>
     > To: Anne.Anderson@sun.com
     > Subject: Re: [xacml] Errata: missing duration functions
     > Date: Fri, 30 May 2003 14:12:26 -0400
     > > dayTimeDuration and yearMonthDuration as standard
     > XACML DataTypes
     > > were added fairly late in the XACML 1.0 process. 
     > One of the
     > > primary motivating use-cases for the duration
     > DataTypes was being
     > > able to say things like "permit if current date
     > minus subject
     > > birthdate is greater than or equal to 21".  These
     > expressions
     > > require some way to subtract dates.
     > Note that there already exist
     > dateTime-[add|subtract]-[dayTime|yearMonth]Duration
     > functions. This means that you can say:
     >   today - (21 year duration) >= Subject's BDay
     > This yields the same data in a different way. I
     > don't know if this meets other needs for duration
     > functions, or if this changes the urgency for
     > getting these duration functions into 1.1.
     > That said, I think the duration functions being
     > proposed seem reasonable.
     > seth
     > You may leave a Technical Committee at any time by visiting http://www.oasis-open.org/apps/org/workgroup/xacml/members/leave_workgroup.php
    Anne H. Anderson             Email: Anne.Anderson@Sun.COM
    Sun Microsystems Laboratories
    1 Network Drive,UBUR02-311     Tel: 781/442-0928
    Burlington, MA 01803-0902 USA  Fax: 781/442-1692