[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [xacml] text change of draft 17
This is a list of text change request for the first portion of the draft. 1) Section 2 Background This section should be "non-normative". This section looks like a Primer document. 2) Page 13, Section 2.4 Policies based on subject and resource attributes Although the title of the section writes resource attributes, there is no description about the resource attributes. We should add some text that describes the resource attributes. 3) Page 14, Line 446 "Therefore, the first level of XACML conformance does not require support for date operations" but the table in the conformance section 10.3.6 specifies that all the date-related functions are mandatory. Which is correct? 4) Page 14, Line 453 "The XACML method of representing functions borrows heavily from MathML. [MathML]" should be followed by "and some functions borrows from the working draft of XPath 2.0 [XPath2.0]." 5) Page 14, Line 481 "it is the policy writer's responsibility to ensure that only one policy statement applies to a particular decision request. " What if PolicySet statement is used as the top level policy? I think "only one policy statement or one policy set statement" is appropriate. 6) Page 15, Line 508-510 "This idea was described by Sloman [Sloman94]. XACML provides facilities to specify actions that MUST be performed in conjunction with policy evaluation in the <Obligations> element" should be followed by "which idea was described as a provisional action by Kudo [Kudo00]. 7) Page 16, Line 527 "PAPs write policies and make them available to the PDP"may make people unsecure. Many people think that the access to PDP should be controlled by access control policy. So we should be add "The access from PAP to PDP may be controlled by other access control component". 8) Page 75 References If change 6) is approved, the following entry must be added to the references, [Kudo00] Kudo M and Hada S, XML document security based on provisional authorization, Proceedings of the Seventh ACM Conference on Computer and Communications Security, Nov 2000, Athens, Greece, pp 87-96. 9) Page 76 References Sloman94 that is cited at line 508 must be added to the references. Michiharu Kudo IBM Tokyo Research Laboratory, Internet Technology Tel. +81 (46) 215-4642 Fax +81 (46) 273-7428
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC