Profile

Contact Details

Ribbons

Badges

Danny Thorpe


Contributions

1 to 5 of 7 total
RuleId only has to be unique within its containing policy. Reason: Rules can’t be referenced outside of their policy. -Danny Danny Thorpe Authorization Architect Dell Identity & Access Management, Quest Software Quest Software is now part of Dell. From: xacml@lists.oasis-open.org [mailto:xacml@lists.oasis-open.org] ...
Per the conversation on IP Address comparisons in XACML on today’s call: I also favor the /24 network mask notation. The / notation supports defining subnets independent of octet byte boundaries, meaning you could use 192.168.2.0/23 to define a subnet that has 512 nodes and whose netmask is 255.255.254.0. ...
Sounds reasonable. Keep the rules/policies as passive documents and attribute action to the PDP. Danny Thorpe Authorization Architect Dell Identity & Access Management, Quest Software Quest Software is now part of Dell. From: xacml@lists.oasis-open.org [mailto:xacml@lists.oasis-open.org] On Behalf Of ...
There are a few remaining references to the previous Attributes object which should be updated to the new Category object: 4.1 Class Diagram a. The diagram shows “Attributes” as the title of the center box. Should that be “Category”? b. The diagram shows property “Category” but the table in 4.2.2 shows ...
Since the spec doesn’t say how that policy combining algorithm is to be specified to the PDP (the spec doesn’t cover much of anything of PDP configuration), I think we have to consider it a vendor specific implementation detail. To avoid having to create an external config setting in our PDP implementation, ...