[xacml] XACML June 13, 2002 Minutes

[Ken Yagen <kyagen@crosslogix.com>]

Title: XACML Conference Call Minutes

XACML Conference Call

Date:  Thursday, June 13, 2002

Time: 10:00 AM EDT

Tel: 512-225-3050 Access Code: 65998

 

Minutes of Meeting

 

Summary

Review of the action items showed we are making progress but still new issues for the issues list are not being identified. Most of the meeting focused on planning for the upcoming face to face. There will be conference calls held on Thursday for those not attending. Carlisle will send out an email with the agenda for these. Minutes will be sent out to the list from the F2F periodically as well. Finally, discussion about a new Access Control background subcommittee was held and Tim agreed to lead up this effort.

 

Action Items

1. Ken to send list of members to Tim and Michiharu
2. Anne to send message to Ernesto to ask him what he is doing on non-normative examples of policy signatures
3. All - submit any issues related to SAML changes to issues list (no deadline assigned but SSTC is putting together a work list right now). Please highlight to Ken any issues so they can be grouped into issues list.
4. Anne - go over request context with Eve Maler to see which parts make sense to fold into SAML.
5. Ken to add request context and authz decision issues to SAML issue list
6. Anne to submit single, more concise example by Face to Face
7. All - review issues list and submit resolutions for issues that have been resolved by the TC or proposed resolutions for issues you believe can be closed. Also, provide any information on new issues not included in the list.
8. Tim to release version 14 of spec
9. Tim to lead Access Control background subcommittee

 

Action Items on Hold

1. Waiting on OASIS to discuss IP issues with IBM in 1 to 1 ½ weeks
2. Hal to take over section 6 of specification (on hold until XrML issue resolved) Hal - maybe should propose something for section 6 anyways, regardless of XrML.
3. XACML primer from Hal and Konstantin needs new due date based on context work

 

 

Votes

Motion to accept minutes of 5/16 moved and accepted

Motion to accept minutes of 5/30 moved and accepted

Motion to move next weeks meeting to 11:30 AM EDT (8:30 AM) moved and accepted

 

Proposed Agenda:

10:00-10:05 Roll Call and Agenda Review

10:05-10:10 Vote to accept minutes of May 16 meeting

http://lists.oasis-open.org/archives/xacml/200205/msg00060.html

10:10-10:15 Vote to accept minutes of May 30 meeting

http://lists.oasis-open.org/archives/xacml/200206/msg00015.html

10:15-10:25 Review of Action Items (see 5/30 minutes)

10:25-10:35 Report of Schema Sub-Committee (Anne)

10:35-10:45 Discussion of next face-to-face meeting (Carlisle)

10:45-11:00 XACML "background" section (Tim)

 

Roll Call

James MacLean, Affinitex

Simon Godik, Self

Ken Yagen, Crosslogix

Hal Lockhart, Entegrity

Carlisle Adams, Entrust

Tim Moses, Entrust

Don Flinn, Hitachi

Konstantin Beznosov, Hitachi

Michiharu Kudoh, IBM

Polar Humenn, Self

Suresh Damodaran, Sterling Commerce

Anne Anderson, Sun Microsystems

 

Raw Minutes (taken by Ken Yagen)

 

Send list of members to Tim and Michiharu

10:08

Review of agenda

 

Last week, not enough members for quorum.

 

10:09

Motion to accept minutes of 5/16 moved and accepted

Motion to accept minutes of 5/30 moved and accepted

 

Review of Action Items of 5/30

1. TC to approve minutes of 5/16 at the next TC Call

Done

2. Ernesto and Anne to provide non-normative examples of policy signatures

Anne to send message to Ernesto to ask him what he is doing on it

3. Carlisle to query Karl Best regarding IBM IP Statement

Spoke with Karl Best and 1 to 1 ½ weeks board of directors of OASIS meeting with IBM regarding ebXML IP issues and will discuss this issue as well.

4. Michiharu to query IBM IP regarding time estimate for responding to OASIS

Told by IP people may be difficult to support royalty free IP for XACML but may change. Asked for continual update regarding policy. Not given reason why it may be difficult.

5. All - submit any issues related to SAML changes to issues list (no deadline assigned but SSTC is putting together a work list right now)

No issues have gone by. Anne - may be some indirect ones from proposed changes to request and response context structure. Carlisle - Please highlight to Ken any issues so they can be grouped into issues list. Anne - may make sense to go over request context with Eve Maler and see which parts make sense to fold into SAML. Hal - Thought might propose new version of Authorization Decision query/response. Obligation part is a separate issue.

Ken - Will add these two issues to the issues list.

6. Michiharu to submit example app before 6/3 Schema call

Complete

7. Anne to submit single, more concise example by 6/13 TC Call

Hope to have something to present at Face to Face

8. Ken to issue next version of issues list before 6/13 provided input from TC (see next issue)

Ken - no changes, but perhaps can be reviewed and updated at Face to Face.

9. All - review issues list and submit resolutions for issues that have been resolved by the TC or proposed resolutions for issues you believe can be closed. Also, provide any information on new issues not included in the list.

Repeated - still an open item.

10. James to work on section 10 of S&P spec over next few weeks (6/13?)

James - posted a draft to the list this morning. Tim - can cut and paste that into v14

11. Carlisle - Will put out an email with a proposed date and time of next F2F and finalize on next weeks TC Call.

Complete

 

Action Items on Hold

12. Hal to take over section 6 of specification (on hold until XrML issue resolved)

Hal - maybe should propose something for section 6 anyways, regardless of XrML.

13. XACML primer from Hal and Konstantin (on hold until clean up context issue. Due Date is 6/13

Not done yet, probably needs new due date based on context work

 

10:22 Schema Subcommittee Report (Anne)

Talked about request context issues and agreed there would be only one resource specified in the context and only one action string. Will support multiple principals. Decided to treat name identifier as a distinguished element under principal. Talked about a tag on principal element that identifies role is playing in request. Default value will be access subject. Discussed context other contains attributes needed to make policy decision. Attribute namespace should be separated from attribute names. Simon reissued proposal for attribute designator. Anne posted revised request context. Tim will have v14 out and obligations will be optional, not mandatory.

 

Hal - Is the sense to define an "AND" semantic around parsing of compound action string. Would be a requirement for Java and maybe elsewhere. Ie if need to say person needs read, write and execute.

Anne - up to policy issuer and PEP. Sense of group was there should be only one action string.

 

10:30 F2F Discussion

Wed and Thurs next week (6/19 - 6/20) in LA area. Details have been sent to the list from Carlisle on the 6/7. Primary objective will be to nail down the schema and input/output context. Also try to close off some of the issues in the issues list. S&P, Conformance, etc could also be addressed.

Should we have a set dial in time?

Someone taking minutes could send them to the list as meeting progresses?

Time is Wed and Thurs 9 - 5

Tim - Minutes go out at end of each morning and each afternoon.

will propose to open the conference line at 11:30 and 4:30

9AM would be 6PM in Italy.

Carlisle - how about 8:30 AM on Thursday morning. What about Thursday afternoon at 1 or 2? Minutes out at Noon and dial in at 1:30 PM PDT.

Carlisle - dial in for one hour.

Carlisle - Minutes at Noon and end of day Wed and noon Thurs. Dialin at 1:30 and 8:30 on regular conference number.

Carlisle will send out email with this information today or tomorrow.

 

10:46 Background Section Discussion

Tim - Would like to address the IP topic and the effect on spec. Suggest background section with comprehensive list of references and citing the academic and standards literature. Orients reader where XACML fits in big picture.

ContentGuard patents are dated 1994 (filing). ACLs are much older.

Tim - asking if people are supportive and would they like to assist.

Hal - Hope some of academic members may have this available.

Anne - Have a fairly extensive bibliography.

Carlisle - Not just looking for references, but also comments on content of reference.

Tim - example, paragraph on VMS and citing a paper from early 70's.

XACML - not new, but trying to do it in a standard format.

Anne - would be happy to parcipate.

Tim - suggestion is a subcommittee to generate this.

Michiharu - Would volunteer as well. Website has section with summary of related work and academic papers. Pierangela published a summary paper to a journal that covers 70's to latest work.

Polar - Yes, I could assist.

Tim - Volunteered to lead the effort.

 

Policy Subcommittee meeting should still be held on Monday.

TC call will not be on but there will be a minutes discussion.

Anne - TC Call encourages participation.

Motion to move next weeks meeting to 11:30 AM EDT (8:30 AM).