Project news

Call for Consent for #XACML REST Profile V1.1 and JSON Profile of XACML 3.0 V1.1 as OASIS Standards opens

The OASIS eXtensible Access Control Markup Language (XACML) TC members [1] have approved submitting the following Candidate OASIS Standards to the OASIS Membership in a call for consent for OASIS Standards:

XACML REST Profile Version 1.1
Candidate OASIS Standard 01
28 March 2019

JSON Profile of XACML 3.0 Version 1.1
Candidate OASIS Standard 01
28 March 2019

XACML is an OASIS Standard which describes both a policy language and an access control decision request/response language (both defined in XML). XACML v3.0 is an international standard (ITU-T X.1144), approved by the International Telecommunications Union – Telecommunication Standardization Sector (ITU-T).

The REST Profile specification defines a profile for the use of XACML in a RESTful architecture.

The JSON Profile proposes a standardized interface between a policy enforcement point and a policy decision point using JSON, leveraging the decision request and response structure specified in the core XACML standard.

XACML REST Profile Version 1.1 received 3 Statements of Use from ViewDS Identity Solutions, Axiomatics AB, and Siemens AG [2].

JSON Profile of XACML 3.0 Version 1.1 received 3 Statements of Use from ViewDS Identity Solutions, Axiomatics AB, and Siemens AG [3].

This Committee Specification was approved by the Technical Committee and was submitted for the required 60-day public review [4]. All requirements of the OASIS TC Process having been met [5] [6], the Candidate OASIS Standard is now submitted to the voting representatives of OASIS Organizational Members.

This Call for Consent is taking place under the revised TC Process rules effective 01 July 2017 [2]. This is a call to the primary or alternate representatives of OASIS Organizational Members to consent or object to this approval. You are welcome to register your consent explicitly on the ballot; however, your consent is assumed unless you register an objection [3]. To register an objection, you must:

1. Indicate your objection on this ballot, and

2. Provide a reason for your objection and/or a proposed remedy to the TC.

You may provide the reason in the comment box or by email to the Technical Committee on its comment mailing list or, if you are a member of the TC, to the TC’s mailing list. If you provide your reason by email, please indicate in the subject line that this is in regard to the Call for Consent.

— Details —

The Call for Consent opens at 07 June 2019 00:00 UTC and closes on 20 June 2019 23:59 pm timezone. You can access the ballot at:

Internal link for voting members: https://www.oasis-open.org/apps/org/workgroup/voting/ballot.php?id=3408

Publicly visible link: https://www.oasis-open.org/committees/ballot.php?id=3408

OASIS members should ensure that their organization’s voting representative responds according to the organization’s wishes. If you do not know the name of your organization’s voting representative is, go to the My Account page at

http://www.oasis-open.org/members/user_tools

then click the link for your Company (at the top of the page) and review the list of users for the name designated as “Primary”.

— Additional information —

[1] OASIS eXtensible Access Control Markup Language (XACML) TC
https://www.oasis-open.org/committees/xacml/

TC IPR page
https://www.oasis-open.org/committees/xacml/ipr.php

[2] https://www.oasis-open.org/policies-guidelines/tc-process-2017-05-26#OScallForConsent

[3] XACML TC comment mailing list: https://lists.oasis-open.org/archives/xacml-comment/
(You must be subscribed to send to this list. To subscribe, see https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=xacml.)

XACML TC main mailing list: https://lists.oasis-open.org/archives/xacml/

[4] Candidate OASIS Standard Special Majority Vote:
https://www.oasis-open.org/committees/ballot.php?id=3356

[5] Public reviews:

* 30-day public reviews, 20 September 2018:
https://lists.oasis-open.org/archives/xacml/201809/msg00013.html
– Comment resolution logs:
http://docs.oasis-open.org/xacml/xacml-rest/v1.1/csprd01/xacml-rest-v1.1-csprd01-comment-resolution-log.txt
http://docs.oasis-open.org/xacml/xacml-json-http/v1.1/csprd01/xacml-json-http-v1.1-csprd01-comment-resolution-log.txt

* 60-day public reviews, 06 April 2019:
https://lists.oasis-open.org/archives/members/201904/msg00004.html
– Comment resolution logs:
TBD. No comments received.

[6] Statements of Use:

– Statements of Use for XACML REST Profile Version 1.1

ViewDS Identity Solutions:
https://lists.oasis-open.org/archives/xacml/201902/msg00001.html

Axiomatics AB:
https://lists.oasis-open.org/archives/xacml/201902/msg00010.html

Siemens AG:
https://lists.oasis-open.org/archives/xacml/201902/msg00012.html

– Statements of Use for JSON Profile of XACML 3.0 Version 1.1

ViewDS Identity Solutions:
https://lists.oasis-open.org/archives/xacml/201902/msg00000.html

Axiomatics AB:
https://lists.oasis-open.org/archives/xacml/201902/msg00011.html

Siemens AG:
https://lists.oasis-open.org/archives/xacml/201902/msg00012.html