Lists Home |
Date Index |
Chiusano Joseph wrote:
> Yes, but XACML has always been intended as a general-purpose (i.e. not
> focused specifically on Web Services) access control policy language,
> and my prediction is that it will remain as such into the future. The
> XACML TC did produce a Web Services Policy Language (WSPL) draft
> about one year ago, but it has not advanced within the XACML TC due
> (IMO) to the core focus of the TC.
That's about right. The WSPL profile is somewhat out of scope for the
group. There's been some discussion about it, and there's even a
prototype implementation available on sourceforge , but it hasn't
I also agree that its general-purpose nature means that XACML will
continue to grow in and out of Web Services environments. There are some
features (like its XML and XPath support) that make it attractive to web
environments. There are other features (like its decentralized nature
and its ability to tie legacy and modern systems together) that appeal
to most people :)
> I wouldn't be surprised to see an open standard for Web Services Policy
> (access control and more) sometime within the next year, whether it
> "branches off" of XACML or is a new committee altogether.
My guess is that Web Service Policy will be more about requirements for
communitcation, and how clients and services work together, than it will
be strictly about access control. Of course, the two go hand in hand, so
I would expect XACML to help inform the discussion. At any rate, I
generally agree with what you're saying here.
FYI, for those who can't get enough discussion about XACML in their
daily lives, there's a general discussion list  at my sourceforge
project. The archive is public, and I would invite anyone to subscribe
or join in the discussions!