tr33
tr33
Good idea! Also a good point to introduce some sort of "protocol version" a PEP can refer/stick to.
In which cases should the PEP not trust its designated PDP? Some level of "trust" could be provided by the transport layer, e.g. via TLS. Mutual "Trust" could also be...
this issue can be postponed to later discussion
A simple "action" can either be an abstract reference by name, represented as a simple string - e.g. "GET", "READ", "DELETE". Or it can be expressed as a complex structure,...
question to definition of > "format": "ip_address", the examples only contain IPv4 adresses. But IPv4 is overaged and new systems must be IPv6 compatible. however, both address formats will remain...
Section 3.7.2 only states that _custom actions_ can be any other arbitrary string. But there are use cases where an _action_ represents an actual _function_ with parameters and values that...
is this related to [51](https://github.com/openid/authzen/issues/51) ?