[xacml] Minutes of policy model subcommittee 18 March 2002

[Anne Anderson <Anne.Anderson@Sun.com>]

Present: Anne Anderson, Ernesto Damiani, Carlisle Adams, Tim
Moses.

1. Although we did not have a quorum, we recommended approval of
   the Anne's proposed resolutions to PM-1-01-A, PM-1-05, PM-1-07,
   PM-2-01, PM-3-03, and PM-3-03-A with the following minor
   changes.  We expect a formal vote to occur at the next meeting
   where a quorum is present.

   New issue:

     Shall XACML mandatory-to-implement combiner algorithms be
     described using some sort of formal language or pseudo-code?
     If so, what syntax shall we use?

     Anne, Ernesto, Carlisle, and Tim recommended that some sort
     of pseudo-code be used.  Java was suggested.  Ernesto
     offered to research various standard pseudo-codes and make a
     recommendation.

     Champion: Ernesto.
   

   PM-1-07: [Move the clause about descriptive text to follow the
   description of how users define algorithms, since the
   presumption is that our mandatory-to-implement algorithms will
   be described using pseudo-code of some sort.]

     The combiner algorithm to be used by a given
     <policyStatement> or <policyCombinationStatement> is
     specified using a URI.

     XACML will specify a small set of mandatory-to-implement
     combiner algorithms.  Users are free to define other
     algorithms (which MAY be defined using descriptive text),
     although not all XACML-compliant PDPs will be able to apply
     them.

  PM-3-03: [Move mention of universal targets to follow the basic
  definition of use of target so it is not seen as either...or]

    A given PDP uses a single <policyCombinationStatement> or
    <policyStatement> as the root of its evaluation.  The
    <target> element of this base policy specifies the set of
    resources, subjects, and actions that this PDP is prepared to
    handle.  This <target> element MAY be universal (allSubjects,
    allResources, allActions).  A PDP returns NOT-APPLICABLE if a
    request does not match the <target> in its base policy.

2. Tim reports that he has a valid schema and examples for
   Version 11.  He is now going through the minutes of the
   face-to-face to make sure he has picked up all the changes.
   Version 11 includes a proposal for arithmetic expressions that
   Tim circulated among the "arithmetic expressions subcommittee"
   (Ernesto, Simon, Michiharu).

3. [ACTION-All] Champions should move to resolve and close
   formally (with vote) all policy model-related issues as soon
   as possible.  This will allow the committee to focus on XML
   syntax issues.

4. [ACTION-Carlisle] Carlisle will announce that the TC has
   resolved most model issues and is now concentrating on XML
   syntax issues.  This announcement may pull in a slightly
   different set of participants, who are more XML-savvy.
   Carlisle will talk to Pierangela about whether she wants to
   continue as the Monday subcommittee chair.

5. Pierangela and Ernesto are willing and able to host the next
   Face-to-Face meeting at the University of Milan in Milan,
   Italy.  The tentative dates are April 22-23, 2002.  These
   dates allow Pierangela and Ernesto the most flexibility in
   scheduling around their classes, and a Monday start allows
   attendees to get Saturday stay-over fare reductions.

6. [ACTION-Carlisle] Carlisle will be attending the IETF on
   Thursday March 21, so may not be able to call in.  He will
   talk to Hal about being prepared to chair the meeting.

Anne
-- 
Anne H. Anderson             Email: Anne.Anderson@Sun.COM
Sun Microsystems Laboratories
1 Network Drive,UBUR02-311     Tel: 781/442-0928
Burlington, MA 01803-0902 USA  Fax: 781/442-1692