[xacml] XACML February 7, 2002 Minutes

[Ken Yagen <kyagen@crosslogix.com>]

Title: XACML Conference Call Minutes

Sorry these are last minute. I thought I had already sent them out.

---

XACML Conference Call

Date:  Thursday, February 7, 2002

Time: 10:00 AM EST

Tel: 512-225-3050 Access Code: 65998

Minutes of Meeting

 

Summary

Discussed proposed changes to SAML and concluded group is not ready to present anything to SAML until April 1 milestone. Hal and Michiharu were to propose a fragment of schema for postconditions, but it is dependent on 0.9 spec which has not yet been released. Deadline will be moved to 2/18. Extensibility also hinges on 0.9, but the current schedule still looks fine. Policy Model subcommittee reported that they discussed definition a lot of issues that could cause problems and they are mentioned in the meeting minutes. Carlisle presented an overview of his mystery proposal and promised to post it to the list. There was discussion of the issues list and the need to close some issues. Anne agreed to write up proposed resolutions for voting. Discussion of the next F2F in Burlington, MA on 3/11, 3/12.

 

Action Items

1. Carlisle will email ContentGuard
2. Sekahr and Simon to send presentations to Michiharu for website
3. Michiharu to grab F2F presentations off of list and post to website
4. Anne to send SAML issues to Ken for next draft of issues list
5. Anne to call out issues from her proposal with more information
6. Ken to post next version of issues list
7. Michiharu to post first proposal by 2/11
8. Carlisle to post proposal by Friday
9. Anne to write up proposed resolutions to issues that can be closed.
10. Anne to send out pointers of hotels for next F2F
11. Michiharu to update schedule on website
12. Tim to get 0.9 out by 2/14

 

Votes

1. Voted to accept the minutes of the  1/23-1/24 meeting

 

Raw Minutes (taken by Ken Yagen)

 

Proposed Agenda:

10:00-10:10 Roll Call and Agenda Review

10:10-10:15 Vote to accept minutes of January 23-24 meeting

http://lists.oasis-open.org/archives/xacml/200201/msg00081.html

10:15-10:25 Review of Action Items (see 1/24 minutes)

10:25-10:35 Report of Policy Model Sub-Committee

10:35-10:40 Mystery Proposal for a path forward...

10:40-10:50 Discussion of Overall Status

(in particular, open/closed items on current issues list)

10:50-11:00 Discussion of proposal(s) for next face-to-face meeting

 

 

1015: Roll Call

Voting Members

James MacLean, Affinitex

Ken Yagen, Crosslogix

Hal Lockhart, Entegrity

Fred Moses, Self

Gilbert Pilz, e2Open

Carlisle Adams, Entrust

Jason Rouault, HP

Michiharu Kudoh, IBM

Bill Parducci, Self

Pierangela Samarati, University of Milan

Sekhar Vajjhala, Sun Microsystems

Anne Anderson, Sun Microsystems

 

Prospective Members

Polar Humenn, Self

 

10:17 Discuss of Agenda

Hal - what about action item from ContentGuard

Carlisle - waiting for ContentGuard to contact him; will send him an email

 

10:18 Motion to approve minutes from meeting

10:19 Action Items - Posting presentations to website

Sekhar and Simon get presentations to Michiharu

Mihiharu grab ones off list and post

 

Discussion of SAML liason (Anne) and proposing changes to SAML

Schedule calls for April 1; Group feels not ready until then to tell them anything

Get issues to Ken for next draft of issues list

 

0.9 not out yet from Tim

Issues from Anne's proposal. Anne should call them out with some additional information

Ken - get out next draft of issues document next week

Hal and Michiharu were to propose fragment of schema for post conditions

Michiharu - depends on the specification of base policy and policy reference so want to see specification before make proposal to list. Deadline should be extended until 0.9 is out

Hal - might be well to propose part agree on and then create a list of issues. My proposal is simple bare bones model that may be adequate

Michiharu - will do my best to post first proposal by 2/11

Extensibility - hinges on 0.9 but tentatively still looks fine

 

10:32 Policy Model subcommittee report

Pierangela - Brought up all the doubts and everything we weren't convinced that could create a problem. Main issues were in minutes sent out today: definition of target, relationship between target and expressions that appear in rule inside of target. Policy composition with respect to evaluation of Boolean expressions on policy discussed. Need to clarify these doubts and solve these issues.

Hal - Consensus agreement need a four value logic (grant, deny, inapplicable, insufficient info). Need applicability test as complicated as possible but need a policy element that can identify applicability with minimal processing. Current proposal won't achieve these requirements. Have an initial target for quick and later section for arbitrary Boolean expressions around more fine grained applicability in addition to separate one that computes grant/deny. Issue of how we evaluate the logic over all the different operators we want.

 

10:38 Mystery proposal for a pass-forward

Tim and Carlisle discussed struggle in groups on triple syntax, grant/deny, what goes in a target, how you define applicability, what is a rule versus a policy, combination logic, etc. Came up with a picture of a model that recognizes the different camps we've heard. Will write up what we have and propose for discussion on Monday's call. (by end of day Friday)

 

10:40 Overall status

Any items on current list closed/new ones popped up

Hal mentioned several

Hal - made a proposal to extend the element for enclosing sub-policies which is an issue (sent a week ago 1/31 titled Boolean policy proposal - slight modification)

Anne - PM2-05 may have been closed. At F2F agreed PDP has a single base policy or if has multiple, do not specify how PDP defines it complete.

Bill - anything determines outcome that's outside our scope will cause problems

Some discussion, so not closed.

Anne - PM2-06 Decided will rely on encapsulated SAML assertion.

Hal - agreed it made sense to define the policy by itself and then separately define way to put in the SAML assertion. (2 layers). In first form, no way to digitally sign it.

Anne - write up proposed resolution. I'll add to list and we can vote on it at next call

Anne - PM4-05 Duplicate of PM4-02 Policy Name a URI

Anne - send a list of others think have been closed to list

 

10:54 F2F Meeting

Anne proposed a place and date

Burlington, MA on March 11,12

Anne - some preferred week of 18^th, but IETF meeting is that week (may only be Carlisle, Polar)

11 said yes to 11,12, 2 said cannot (Ernesto, ShinWan), Pierangela by phone

Anne - pointers to hotels close by

 

[James MacLean joined late]

 

Michiharu - is okay to update schedule on web page

Yes, you should

Move post condition decision to 2/18

Specific dates for F2F should be added to schedule and posted

0.9 probably 2/14 but Tim not available to confirm.