[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Fwd: FW: new OASIS discussion list : XACML
Forwarded on behalf of Nigel. >From: "Edwards, Nigel" <Nigel_Edwards@hplb.hpl.hp.com> >To: "'eve.maler@east.sun.com'" <eve.maler@east.sun.com> >Subject: FW: new OASIS discussion list : XACML >Date: Fri, 23 Feb 2001 09:47:37 -0000 >X-Mailer: Internet Mail Service (5.5.2650.21) > >-----Original Message----- >From: Edwards, Nigel >Sent: Friday, February 23, 2001 9:29 AM >To: 'Karl Best'; members@lists.oasis-open.org; >tc-announce@lists.oasis-open.org; >security-services@lists.oasis-open.org; >xacml-discuss@lists.oasis-open.org; xml-dev@lists.xml.org >Subject: RE: new OASIS discussion list : XACML > > >I do not see how to separate "an XML framework for exchanging >authentication and authorization information (SAML)" and "the >representation of access control policies as XML". It seems to me that >the later is a subset of the former. > >Whilst I think it is important to have a way to represent access >control policies as XML, I do not see that separating out the latter >effort from SAML will benefit either the industry or the wider >community. It will make coordination of the work harder and further >stretch the people working in the area. Many of the people working on >SAML would want to be involved and have much relevant technical and >business experience to offer. Conducting the efforts in parallel will >make it difficult for these people to participate in both efforts >adequately. This increases the probability of inconsistencies between >the two efforts. > >I also believe having two specifications which are closely related >will increase the probability of confusion in the minds of the >specification consumer (which one do they use for what). This is >likely to cause fragmentation which will reduce the adoption and >ultimate impact of both efforts. > >I have no quarrel with the technical ideas behind the XACML >suggestion. I think it is an excellent idea and hope to >participate. However, in I my opinion the proper place for the XACML >activity to take place is within the Oasis Security Services Technical >Committee, possibly as a follow on activity. > >A possible alternative would be for XACML to focus purely on the >"application of access control policies to XML documents". In which >case they could use SAML and there would be a clear demarcation of >scope. However, this would also imply waiting until SAML reaches a >certain level of stability and would require a reduction in the >current scope statement. > >Nigel Edwards (Hewlett-Packard) > > > -----Original Message----- > > From: Karl Best [mailto:karl.best@oasis-open.org] > > Sent: Wednesday, February 21, 2001 7:13 PM > > To: members@lists.oasis-open.org; tc-announce@lists.oasis-open.org; > > security-services@lists.oasis-open.org; > > xacml-discuss@lists.oasis-open.org; xml-dev@lists.xml.org > > Subject: new OASIS discussion list : XACML > > > > > > Upon request by three eligible participants, I have created an OASIS > > Discussion List whose purpose is to discuss the possible > > creation of an > > OASIS Technical Committee. This list will exist for no longer > > than 90 days, > > after which time a TC may be formed or not. > > > > The scope of discussion is eXtensible Access Control Markup > > Language (XACML, > > an intermin moniker), which addresses security related specifications > > orthogonal to the efforts of the existing Security Services OASIS TC. > > Whereas the Security Services TC exists to define an XML framework for > > exchanging authentication and authorization information, > > XACML is concerned > > with the representation of access control policies as XML and the > > application of these policies to XML documents. The people > > requesting the > > creation of this discussion list have discussed this effort with the > > existing Security Services TC, and that TC agreed that this > > work is best > > carried out as a separate, though coordinated, effort rather > > than as a part > > of the Security Services TC. > > > > Current public examples of the types of issues the group will > > address are > > illustrated by http://www9.org/w9cdrom/419/419.html and > > http://www.trl.ibm.co.jp/projects/xml/doccont/xacl_e.htm > > > > The persons requesting the creation of this list are: > > > > Ernesto Damiani, edamiani@crema.unimi.it (Individual member) > > Pierangela Samarati, samarati@dsi.unimi.it (Individual member) > > Simon Y. Blackwell, sblackwell@psoom.com (Psoom) > > Frank Chum, fchum@psoom.com (Psoom) > > Fred Moses, fmoses@entitlenet.com (EntitleNet) > > > > The discussion leader will be Ernesto Damiani. > > > > In order to participate in this discussion you should subscribe to the > > discussion list by sending a message to > > xacml-discuss-request@lists.oasis-open.org with the word > > "subscribe" as the > > body of the message. If you do not wish to subscribe, but > > wish to view the > > discussion you may view the list archives at > > http://lists.oasis-open.org/archives/xacml-discuss > > > > > > </karl> > > ============================================================ > > Karl F. Best > > OASIS - Director, Technical Operations > > 978.667.5115 x206 > > karl.best@oasis-open.org http://www.oasis-open.org > > > > > > ------------------------------------------------------------------ > > To unsubscribe from this elist send a message with the single word > > "unsubscribe" in the body to: > > security-services-request@lists.oasis-open.org > > -- Eve Maler +1 781 442 3190 Sun Microsystems XML Technology Center eve.maler @ east.sun.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC