[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [xacml] Draft minutes (take 2)
Draft minutes
Committee: XACML
Date: 2 Oct 2003
Present:
Daniel Engovatov
Michiharu Kudo
Polar Humenn
Tim Moses
Rebekah Lepro
Tony Nadalin
Seth Proctor
Anne Anderson
Frank Siebenlist
Jamie Clark
Chair:
Anne Anderson for Hal Lockhart and Bill Parducci
1. The meeting came to order at 11:00am Eastern.
2. Rebekah introduced herself. She has been following the XACML activity
for some time, and recently decided to get actively involved. Her interests
include distributed authorization in a GRID architecture.
3. The agenda was reviewed and agreed.
4. WSPL vote
The question of whether or not WSPL is within the scope of the XACML TC
charter is open. Jamie explained how OASIS deals with such issues. The
OASIS staff strongly encourages TCs to sort these issues out for themselves.
This can be achieved by a simple majority vote. Anyone who disagrees with
the outcome can appeal to TC admin (Karl and Jamie). Jamie listed three
possible avenues:
a. Approve the specification and see if anyone objects;
b. Don't approve the specification and have someone raise the issue
with staff; and
c. Modify the specification such that it is incontrovertibly in-scope.
A motion was put to the meeting:
The XACML TC asserts that the current draft of the Web-services profile
specification, modified to apply only to access-control, authorization and
entitlements, is within the scope of the XACML TC charter.
For: 6
Against: 2
Carried.
Tony raised the point that, with this new limitation on the applicability of
the specification, the opportunity for different aspects of policy to be
solved in different ways exists, and that this was not desirable. This was
generally agreed. It was felt that a new TC should be chartered to come up
with a common scheme for all aspects of policy in the Web-services
architecture.
Tim offered to organize the first charter discussion, and anyone interested
in participating should let Tim know his or her availability over the next
week.
Tony, Anne and Frank offered to participate.
Tony said that WSPL bears some similarity to a document presented to the WSS
TC and that the contributors of that document made no explicit statement
concerning IP. Tim pointed out that the document in question had been
prepared under OASIS IP rules.
Frank made a suggestion to split the document into two parts: one to specify
an algorithm for combining instances of XACML and the other to address ways
of associating policy instances with interfaces. It was agreed to consider
this proposal at the upcoming face-to-face meeting, at which time we would
have available the revised specification and the results of initial charter
discussions.
5. v2 work items
Anne went through the list of proposed work items for XACML v2.
1. Grid requirements.
2. Location information (Anne and Daniel will submit proposals
for discussion at the face-to-face).
3. Multiple actions per request.
4. Multiple resources per request.
5. Privacy requirements (no champion).
6. Domain-specific identifiers.
7. Condition reference (for discussion at the face-to-face).
8. RuleId reference (for discussion at the face-to-face).
9. Hierarchical entities (for discussion at the face-to-face).
10. Parameters for combining algorithms (for discussion at the
face-to-face).
11. Extension points (awaiting a proposal from Simon).
12. Including Environment in target (for discussion at the face-to-face).
13. Making the target element optional.
14. Requirements for signature enveloping.
15. Requirements for encryption.
16. XACML Policy in SAML Response Conditions
Candidate for closure, since the discussion at the SAML F2F
determined that the use case requirements could be satisfied
without it.
17. XACML policy in SAML response condition.
Candidate for closure, since the discussion at the SAML F2F
determined that the use case requirements could be satisfied
without it.
18. Obligations in rules. (possible discussion at face-to-face)
19. Rule as lowest administrative unit (for discussion at the
face-to-face)
20. Non-normative implementation guidelines.
21. Primer.
22. Time-in-range function (Seth has provided a proposal for
discussion at the face-to-face).
23. Xquery comparison functions (a proposal has been made for
discussion at the face-to-face).
24. Schema for function definitions (Daniel will submit a
proposal for possible discussion at the face-to-face).
25. Function for comparing file system pathnames.
Remaining work items still to be reviewed
6. Next meeting
The focus group will meet on 9th Oct to continue considering the v2 work
items.
There was discussion about canceling the TC meeting on the 16th. But, it
was agreed to use the meeting to refine the agenda for the face-to-face.
7. The meeting adjourned at 12:00 noon.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]