

Subject: [xacml] text change of draft 17


This is a list of text change requests for the first portion of the draft.

1) Section 2 Background
This section should be "non-normative".
This section looks like a Primer document.

2) Page 13, Section 2.4 Policies based on subject and resource attributes
Although the title of the section mentions resource attributes, there is no
description of the resource attributes. We should add some text that
describes the resource attributes.

3) Page 14, Line 446
"Therefore, the first level of XACML conformance does not require
support for date operations" but the table in the conformance section
10.3.6 specifies that all the date-related functions are mandatory.
Which is correct?

4) Page 14, Line 453
"The XACML method of representing functions borrows heavily from MathML.
[MathML]" should be followed by "and some functions borrow from the
working draft of XPath 2.0 [XPath2.0]."

5) Page 14, Line 481
"it is the policy writer's responsibility to ensure that only one policy
statement applies to a particular decision request."
What if a PolicySet statement is used as the top level policy? I think "only
one policy statement or one policy set statement" is appropriate.

6) Page 15, Line 508-510
"This idea was described by Sloman [Sloman94]. XACML provides facilities to
specify actions that MUST be performed in conjunction with policy evaluation
in the <Obligations> element" should be followed by "which idea was described
as a provisional action by Kudo [Kudo00]."

7) Page 16, Line 527
"PAPs write policies and make them available to the PDP" may make people
unsecure. Many people think that the access to PDP should be controlled by
access control policy. So we should add "The access from PAP to PDP
may be controlled by other access control component".

8) Page 75 References
If change 6) is approved, the following entry must be added to the
references,

[Kudo00] Kudo M and Hada S, XML document security based on provisional
authorization, Proceedings of the Seventh ACM Conference on Computer
and Communications Security, Nov 2000, Athens, Greece, pp 87-96.

9) Page 76 References
Sloman94 that is cited at line 508 must be added to the references.

Michiharu Kudo

IBM Tokyo Research Laboratory, Internet Technology
Tel. +81 (46) 215-4642   Fax +81 (46) 273-7428





