- From: Dominique Hazael-Massieux <dom@w3.org>
- Date: Tue, 22 Jun 2010 11:10:45 +0200
- To: public-device-apis@w3.org
Hi, Le mardi 15 juin 2010 à 14:42 +0200, Dominique Hazael-Massieux a écrit : > ** the document is called a XACML profile, is said to use XACML20, but > there is absolutely no explanation as to what this means in practice, > what are the difference with XACML 2.0 or how it relies on it; I guess > some text from the framework could be moved to it or re-used, but I > think some more explanation on the relationship would be needed in any > case I looked a bit into this, and looking at XACML 2.0 [1], it’s pretty clear that calling our document a “XACML profile” is more than a bit of a stretch: • it’s not using the XACML namespace (urn:oasis:names:tc:xacml:2.0:policy) • it’s not using the same elements names (XACML uses capitalized elements names, our document use lowercase hyphen-separated names) • the schema is different in many ways (some XACML elements are translated into attributes, many XACML elements are ommitted) • the processing model looks quite different as well (although I haven’t tried to investigate it in detais) • our profile doesn’t extend XACML in any of the ways defined by the XACML spec (in section “8. XACML extensibility points”, which I note is not normative) I’m sure there were good reasons for all these differences — from what I recall, one of them included simplification; but under that light, I don't think we can call that document a XACML Profile. Independently of that, I still think the document should explain and justify these differences, possibly in an informative appendix; I'm not entirely sure what the IPR implications of adapting the XACML spec are. Dom 1. http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-core-spec-os.pdf
Received on Tuesday, 22 June 2010 09:10:55 UTC