David, From: David Brossard [ mailto:
david.brossard@axiomatics.com ] Sent: Monday, November 28, 2011 10:03 AM To: Sinnema, Remon Cc:
xacml@lists.oasis-open.org Subject: Re: [xacml] Media type for XACML? > Would the text/xml be good enough? That's what I currently use, but that doesn't reveal anything about the type of XML document. I'd rather use something more specific like application/xacml+xml, or even application/xacmlpolicy+xml, application/xacmlrequest+xml, and application/xacmlresponse+xml. This approach was chosen for SAML: OASIS registered both application/samlassertion+xml [1] and application/samlmetadata+xml [2]. RFC 3023 [3] claims that having a dedicated media type registered for a specific XML language will improve interoperability. This is especially true for XACML in a RESTful architecture [4]. In such an environment, resource representations drive application state [5], meaning that the application doesn't know in advance what media type a given service returns. It would be helpful in such scenarios to be able to distinguish between XACML and, say, Atom. REST frameworks may offer automatic conversions based on the media type [6]. Without those, clients are forced to parse the XML manually and inspect the content before they can decide how to process it. If the TC agrees that this is a nice thing to have, then I'd be happy to submit a registration proposal [7]. Thanks, Ray [1]
http://www.iana.org/assignments/media-types/application/samlassertion+xml [2]
http://www.iana.org/assignments/media-types/application/samlmetadata+xml [3]
http://tools.ietf.org/html/rfc3023#appendix-A.1 [4]
http://www.ics.uci.edu/~fielding/pubs/dissertation/rest_arch_style.htm [5]
http://roy.gbiv.com/untangled/2008/rest-apis-must-be-hypertext-driven [6]
http://jackson.codehaus.org/javadoc/jax-rs/1.0/javax/ws/rs/Consumes.html [7]
http://tools.ietf.org/html/rfc4288