OASIS eXtensible Access Control Markup Language (XACML) TC

  • 1.  Carrying any policies

    Posted 11-30-2010 09:04
    Hi Hal
    
    In the notes of the F2F meeting last December 2009 it was noted
    
    Hal: propose: not change core schema;
    	change saml profile to put any at end
    	and pep returns indeterminate;
    	lax or strict schema checking;
    
    	lax,strict,skip
    
         proposal is to put in XACML-3.0-cd-1.updated-2009-May-07\XSD\
    		xacml-3.0-profile-saml2.0-v2-schema-protocol-cd1.xsd
    
    	just in time policies that arrive just in time for current
    	request; as long as there is chain of admin policies that
    	the policy is ok.
    
    	Basically, policies provided must be understood one way or
    	another to determine if relevant, and if can't be read, then
    	pdp doesn't know what it is and must reject the request.
    
    I have been looking through the latest schema protocol document but I 
    cannot find the any that was mentioned in the minutes. Do you know if it 
    got forgotten about
    
    regards
    
    David
    
    
    *****************************************************************
    David W. Chadwick, BSc PhD
    Professor of Information Systems Security
    School of Computing, University of Kent, Canterbury, CT2 7NF
    Skype Name: davidwchadwick
    Tel: +44 1227 82 3221
    Fax +44 1227 762 811
    Mobile: +44 77 96 44 7184
    Email: D.W.Chadwick@kent.ac.uk
    Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html
    Research Web site: http://www.cs.kent.ac.uk/research/groups/iss/index.html
    Entrust key validation string: MLJ9-DU5T-HV8J
    PGP Key ID is 0xBC238DE5
    
    *****************************************************************
    


  • 2.  Re: [xacml] Carrying any policies