Profile

Hi Mohammad, In reading your proposal for a "pure attribute" approach, particularly for social networking scenarios, the proposal seems to require/assume that the subject's entire social graph is included in every authorization request. It seems like this would make each auth request very large very ...

(reposting – forgot to reply to list) Two or more policysets should never have the same policysetid and version values. The identity of a policy revision is policy(set)id + version. The version attributes given in PolicySetIdReference are regular expressions, so it is quite possible that two or more ...

Thanks for the replies. My follow –ups are inline below, prefixed by [DT] Danny Thorpe Authorization Architect Dell Identity & Access Management, Quest Software Quest Software is now part of Dell. From: Mohammad Jafari [mailto:mjafari@edmondsci.com] Sent: Sunday, November 11, 2012 3:32 PM To: Danny Thorpe ...

Ok, great. Thanks. -Danny Danny Thorpe Authorization Architect Dell Identity & Access Management, Quest Software Quest Software is now part of Dell. From: Hill, Richard C [mailto:Richard.C.Hill@boeing.com] Sent: Thursday, November 08, 2012 8:51 AM To: Danny Thorpe; xacml@lists.oasis-open.org Subject: ...

I just noticed an issue I brought up in January ( https://www.oasis-open.org/apps/org/workgroup/xacml/email/archives/201201/msg00025.html ) is still not addressed in the IPC profile Working Draft 08. The data type of the EffectiveDate and ExpirationDate attributes is indicated as http://www.w3.org/2 ...