OASIS eXtensible Access Control Markup Language (XACML) TC

RE: another attempt at azn query refinment

  • 1.  RE: another attempt at azn query refinment

    Posted 10-09-2001 13:41
    Title: another attempt at azn query refinment I agree with the general proposition that the current Authorization Decision Request and Assertion are woefully inadequate for the kinds of policy decisions that can be made by state of the art access control systems. However at F2F#3 I urged and I remember a strong consensus for keeping the specification to a bare minimum in this area for SAML 1.0. I believe it will require some significant work to get this right and it is not a good idea to add individual features piecemeal. I also believe that the right place to do this work is in the XACML TC and I have submitted specific use cases to this effect.   Therefore, although I agree with Simon that we will eventually need this kind of thing (and a lot of other functionality) I feel strongly that this proposal should be deferred until we can address all the issues in a comprehensive fashion.   Hal