OASIS eXtensible Access Control Markup Language (XACML) TC

Comments on Draft 01 of the XACML profile for Web-services

  • 1.  Comments on Draft 01 of the XACML profile for Web-services

    Posted 07-11-2003 18:58
    Colleagues - I received the following comments on the 01 draft of the XACML
    profile for Web-services from Seth.  Seth's points are valid and I propose
    to address them by imposing the following limitations (at least for v1.0):
    
    1.	Only the functions and data-types defined by XACML 1.0 are permitted
    in a WSPL instance, and
    2.	Only simple predicates are permitted.  That is, a predicate must be
    of the form:
    
         <Apply>
           <AD/AS>
           <AV>
         </Apply>