[xacml] XACML October 24, 2002 Minutes

[Ken Yagen <kyagen@crosslogix.com>]

Title: XACML Conference Call Minutes

XACML Conference Call

Date:  Thursday, October 31, 2002

Time: 10:00 AM EDT

Tel: 512-225-3050 Access Code: 65998

 

Summary

We reviewed an old list of action items that has not been reviewed in a month. Then we reviewed the CR items. Again, we had a long discussion on QNames. There was a call for a vote and URI resolution was approved. The schedule was discussed and Anne's proposed schedule was agreed upon. We will be voting on 11/7 and would like to have 2/3 voting members to approve specification either by email vote or at meeting.

                  

Action Items

1. Anne Anderson to get comments to Tim Moses on the use of LDAP to store policies
2. Anne Anderson to update the digital signature profile
3. Hal to propose XACML changes for SAML, included text and schema change
4. Simon to create SAML profile document (due after finalization of spec)
5. Hal Lockhart to release updated XACML primer in next week

 

 

Votes

Voted to accept minutes of 10/24

Voted to accept issues 76, 98, 101 (URI for everything)

 

Proposed Agenda:

10:00-10:05 Roll Call and Agenda Review
10:05-10:10 Vote to accept minutes of October 24 concall
http://lists.oasis-open.org/archives/xacml/200210/msg00277.html
10:10-10:15 Review action items from minutes
(see also http://lists.oasis-open.org/archives/xacml/200210/msg00010.html)
10:15-10:50 Review open items on spec
10:50-11:00 Discuss plan to get to Committee Spec, OASIS Standard
(face-to-face useful/necessary?)

 

Roll Call

Voting Members

Ken Yagen, Crosslogix

Daniel Engovatov, Crosslogix

Hal Lockhart, Entegrity

Carlisle Adams, Entrust

Tim Moses, Entrust

Michiharu Kudoh, IBM

Simon Godik, Overxeer

Bill Parducci, Overxeer

Polar Humenn, Self

Anne Anderson, Sun Microsystems

 

Prospective Members

Steve Crocker, Pervasive Security Systems

 

Raw Minutes (taken by Ken Yagen)

Voted to accept minutes of 10/24

Voted to approve list of change requests that were listed as resolved in Anne's email. See minutes below for exact list of issues.

 

Old list of action items from 9/26 minutes

Anne Anderson to get comments to Tim Moses on the use of LDAP to store policies

Anne Anderson to update the digital signature profile

Anne Anderson to send a request to SAML for changes based on the XACML context

Has to do with format of issuer and was sent in to SAML by Carlisle. They had missed previous message. They want a specific proposal and Hal took that action item from SSTC. This means schema and text. Anne was keeping track of SAML changes. Once schema and specs done, Anne will go through and pull together a proposed list. SAML is working on 1.1 and does allow for backward compatible changes to 1.0 schema. Part of proposal may be a 2.0 type of SAML change for request context and obligations. Timeframe for SAML 2.0 is likely mid next year.

Tim Moses to make a separate document for the SAML profile

Has been removed from current document but new document does not exist. Simon has schema for SAML extension and offered to take on this task.

Hal Lockhart and Konstantin Beznosov to produce an XACML primer

Konstantin started and Hal has it. Will send out to group within next week.

 

Open Items on the Spec

List of items discussed in subcommittee that need approval

 

Items to review

0076: [Anne] AA02: New section in Appendix A on Structured  datatypes

  STATUS: NEED FINAL VOTE (NQ 10/21).  See RESOLUTION.

Approved

0092: [Polar] PH09: New section 7.4.2 Attributes

  STATUS: 7.4.2.1: two proposals. #2 not yet considered.  See RESOLUTION.

  STATUS: 7.4.2.2: new version not yet considered.  See RESOLUTION.

Related to issue 141

0098: [Anne] AA11: Clarify "MatchId" functions

  STATUS: ACCEPTED (NQ 10/28).  See RESOLUTION.

Approved

0101: [Satoshi Hada] SatoshiHada01: How many namespaces does XACML define?

  STATUS: REJECTED (NQ 10/28). Use URI for everything.

  SEE ALSO: CR#0140,0141

Simon asked to reopen. He disagrees and believes QNames should be used for datatypes and URI for everything else.

Discussion of QNames again...

Anne captured two resolutions and points made

Motion to vote

Resolution 1: Compare as pair and use QName matching

Resolution 2: URI for everything

3 in favor of 1 (QNames), 6 in favor of 2 (URI), 1 no vote

Vote approves URI resolution

Action Item to write up URIs for all datatypes - Anne will specify them and edit action to update examples and schema.

 

Discussion of Schedule

Proposed Timeline from Anne

10/31: TC resolve remaining issues

11/04: SC resolve remaining issues; final review; start e-mail vote

11/05: final specification available

11/07: TC vote on Committee Specification

11/08: 30-day public review starts

12/07: 30-day public review ends

12/09: ?? Face-to-Face meeting?

12/10: ?? Face-to-Face meeting?

12/11: ?? Face-to-Face meeting?

12/11: at least 3 attestations due; final specification available

12/12: TC re-vote on Committee Specification

12/15: Submit to OASIS

 

Open issue of whether need a F2F. If we need one, Sun volunteered to host it. OASIS is encouraging TC's to go to Baltimore that week. Other groups meeting at that time as well.

 

Moved on to 2^nd half of meeting and continue to discuss issues. Resolution of these issues available in Anne's updated list.