OASIS eXtensible Access Control Markup Language (XACML) TC

Re: [xacml] Problems with XACML and time

  • 1.  Re: [xacml] Problems with XACML and time

    Posted 07-24-2003 06:42
     MHonArc v2.4.5 -->
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    

    xacml message

    [Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


    Subject: Re: [xacml] Problems with XACML and time



    Steve,
    Some of my colleagues agreed on your interpretation.

    Satoshi Hada
    IBM Tokyo Research Laboratory
    mailto:satoshih@jp.ibm.com



    Steve Hanna <steve.hanna@sun.com>

    2003/07/23 23:04

           
            To:        Satoshi Hada/Japan/IBM@IBMJP
            cc:        xacml@lists.oasis-open.org
            Subject:        Re: [xacml] Problems with XACML and time

           



    Satoshi Hada wrote:
    > Here is my understanding:
    > 1. The first part of your problem makes sense to me.

    For those who are trying to follow along, I think that
    this was the part where XML Schema says that a time with
    no time zone cannot be compared to a time with a time zone.

    > 2. I don't think the second part is a problem.
    >
    > >> However, according to the XML-Schema specification, you have to
    > >> normalize the three time values. They are normalized to
    > >> 19:00 <= 00:00 <= 03:00. It seems to me that you say that the
    > >> result is false because 19:00 <= 00:00 is false.
    >
    > I don't think this interpretation is right.
    > The XML schema specification says that:
    >   The order relation on time values is the Order relation on
    >   dateTime (section 3.2.7.3) using an arbitrary date.
    >
    > So I think that we can use an implicit date information for
    > time comparison.
    >
    > [explanation removed]

    The text in XML Schema is unclear. You have an interesting
    interpretation, which does solve my problem. However, it has
    the strange side effect that 09:00(+14:00) is not equal to
    09:00(-10:00). Normally, I would expect them to be equal,
    especially since XML Schema says "time represents an instant
    of time that recurs every day".

    Here are the relevant calculations:

    > 1. I want to check whether
    > 09:00(+14:00) == 09:00(-10:00)
    >
    > 2. Set an arbitrary date (e.g., 2002-02-16).
    > So I need to check whether
    > 2002-02-16T09:00(+14:00) == 2002-02-16T09:00(-10:00)
    >
    > 3. Normalize the time values.
    > So I need to check whether
    > 2002-02-15T19:00Z == 2002-02-16T19:00Z
    >
    > 4. The result is false.

    Does this seem odd to you? It does to me. I think that
    any order relation on time values *must* be consistent
    with the definition of this data type ("an instant of
    time that recurs every day"). That's fundamental.

    Therefore, I conclude that when comparing times with a
    time zone there can only be 24 hours of distinct values.
    In order to have a total ordering over those values, one
    of the values must be chosen as the first. My understanding
    of the comparison algorithm is that you normalize to GMT
    first, then set the arbitrary date, then do the comparison.
    This ensures that there are only 24 hours of values. And
    it also means that midnight GMT is the earliest possible
    time and 23:59:59 GMT is the latest. I'll repeat my
    example above with this algorithm for an illustration.

    > 1. I want to check whether
    > 09:00(+14:00) == 09:00(-10:00)
    >
    > 3. Normalize the time values.
    > So I need to check whether
    > 19:00Z == 19:00Z
    >
    > 2. Set an arbitrary date (e.g., 2002-02-16).
    > So I need to check whether
    > 2002-02-16T19:00Z == 2002-02-16T19:00Z
    >
    > 4. The result is true.

    Maybe we need to ask someone who is more familiar with
    the time type in XML Schema what is the proper interpretation
    of the text in the spec. Or maybe you argument above
    is convincing to you. Please let me know.

    Thanks,

    Steve




    [Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]