[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes from 17 August 2006 TC Meeting
Minutes of the OASIS XACML Technical Committee Meeting 17 August 2006 Voting Member Attendees: Hal Lockhart Michiharu Kudo Argyn Kuketayev Abbie Barbir Kamalendu Biswas Erik Rissanen Bill Parducci Anne Anderson David Staggs Member Attendees: Rich Levinson 1. Roll Call and Agenda Review Quorum was achieved 2. Minutes These will be reviewed at the next meeting due to issues with Oasis mail server. 3. Oasis Errata documents Bill reported that he had not heard back re: Oasis' direction on errata documents. Hal offered that changes are being considered by the Oasis Board to make Errata docs normative. There is general consensus by the TC that in addition to the individual errata items, allowing a red-line version to be normative would be quite valuable. Anne said that she will not be able to develop an errata draft that identifies the individual errata items for several weeks and asked that for a volunteer if there is a need to move this process forward more quickly. 4. Issue Discussion - WS-Policy Assertion formats for XACML (#47) ACTION: Anne will develop a draft on how an XACML policy should be included in a WS-Policy instance based upon her initial discussion to the list. - SAML profile: Do we add attributes to the access request? (#44) We have already agreed that we will allow additional attributes for delegates to be included in the Request Context. The issue here is whether attributes that apply to the Access Subject (i.e. one of the original Subjects) can be included here. The current draft says they can, in order to support more consistency of processing, even if it does mean an extra processing step. STATUS: Pending Review - In the SAML profile: Translation of saml:Subject? (#45) The meaning of "saml:Subject element has to be 'consistent' with the *-id attributes" text in the current SAML Profile needs to be clarified. this will be addressed via the SAML errata and is not relevant to v3 of the XACML spec as it is basically an issue of clarity in the text. STATUS: Closed - SAML profile: multiple holders of attributes (#46) Erik reviewed with the TC. Current draft says one attribute may be associated with multiple holders. STATUS: Pending Review - SAML Profile: Use SAML Attributes instead of XACML Attributes? (#48) Erik asked if there is any situation where a PEP couldn't determine the XACML Attributes? It would be simpler for the PDP if there was a single schema for Attribute processing. Hal offered that is there is value in passing a raw SAML assertion and that the processing would be simpler in the Context Handler. Bill offered that this would create a dependency upon the SAML spec for policy creation and this would remove separation of concerns between SAML and XACML. The TC will continue to study this. meeting adjourned.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]