eXtensible Access Control Markup Language (XACML) XML Media Type
RFC 7061

Document Type RFC - Informational (November 2013; No errata)
Authors Remon Sinnema , Erik Wilde 
Last updated 2013-11-19
Stream Independent Submission
Formats plain text html pdf htmlized (tools) htmlized bibtex
IETF conflict review conflict-review-sinnema-xacml-media-type
Stream ISE state Published RFC
Consensus Boilerplate Unknown
Document shepherd No shepherd assigned
IESG IESG state RFC 7061 (Informational)
Telechat date
Responsible AD (None)
Send notices to (None)
Independent Submission                                        R. Sinnema
Request for Comments: 7061                                      E. Wilde
Category: Informational                                  EMC Corporation
ISSN: 2070-1721                                            November 2013

    eXtensible Access Control Markup Language (XACML) XML Media Type


   This specification registers an XML-based media type for the
   eXtensible Access Control Markup Language (XACML).

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This is a contribution to the RFC Series, independently of any other
   RFC stream.  The RFC Editor has chosen to publish this document at
   its discretion and makes no statement about its value for
   implementation or deployment.  Documents approved for publication by
   the RFC Editor are not a candidate for any level of Internet
   Standard; see Section 2 of RFC 5741.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at

Copyright Notice

   Copyright (c) 2013 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.

Sinnema & Wilde               Informational                     [Page 1]
RFC 7061                  XACML XML Media Type             November 2013

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . . . 2
   2.  IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 2
     2.1.  XACML Media Type application/xacml+xml  . . . . . . . . . . 2
   3.  Security Considerations . . . . . . . . . . . . . . . . . . . . 5
   4.  Normative References  . . . . . . . . . . . . . . . . . . . . . 5
   Appendix A.  Acknowledgements . . . . . . . . . . . . . . . . . . . 6

1.  Introduction

   The eXtensible Access Control Markup Language (XACML) [XACML-3]
   defines an architecture and a language for access control
   (authorization).  The language consists of requests, responses, and
   policies.  Clients send a request to a server to query whether a
   given action should be allowed.  The server evaluates the request
   against the available policies and returns a response.  The policies
   implement the organization's access control requirements.

2.  IANA Considerations

   This specification details the registry of an XML-based media type
   for the eXtensible Access Control Markup Language (XACML) that has
   been registered with the Internet Assigned Numbers Authority (IANA)
   following the "Media Type Specifications and Registration Procedures"
   [RFC6838].  The XACML media type represents an XACML request,
   response, or policy in the XML-based format defined by the core XACML
   specification [XACML-3].

2.1.  XACML Media Type application/xacml+xml

   This specification details the registration of an XML-based media
   type for the eXtensible Access Control Markup Language (XACML).

   Media Type Name: application

   Subtype Name: xacml+xml

   Required Parameters: none

   Optional Parameters:

      charset: The charset parameter is the same as the charset
      parameter of application/xml [RFC3023], including the same default
      (see Section 3.2 of RFC 3023).

Sinnema & Wilde               Informational                     [Page 2]
RFC 7061                  XACML XML Media Type             November 2013

      version: The version parameter indicates the version of the XACML
      specification.  It can be used for content negotiation when
      dealing with clients and servers that support multiple XACML
      versions.  Its range is the range of published XACML versions.  As
      of this writing, that is 1.0 [XACML-1], 1.1 [XACML-1.1], 2.0
      [XACML-2], and 3.0 [XACML-3].  These and future version
      identifiers must follow the Organization for the Advancement of
      Structured Information Standards (OASIS) patterns for versions
      [OASIS-Version].  If this parameter is not specified by the
      client, the server is free to return any version it deems fit.  If
      a client cannot or does not want to deal with that, it should
      explicitly specify a version.

   Encoding Considerations: Same as for application/xml [RFC3023].

   Security Considerations:

      Per their specification, objects of type application/xacml+xml do
      not contain executable content.  However, these objects are XML-
      based, and thus they have all of the general security
      considerations presented in Section 10 of RFC 3023 [RFC3023].
Show full document text