[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xacml] minutes of the XACML TC meeting of May 29, 2003
I have a question on the decision about dropping item G in the last call. I think that we should spend more time to discuss about this item because there had been no sufficient discussions on the list. (I noticed that there is a positive comment from Anne) Since the use case I wrote has an indexable parameter (purpose) which is independent of subject, resource, and action, it is reasonable to allow this extension if it keeps backward compatible. Michiharu "Steve Crocker" <steve.crocker@pss-s To: <xacml@lists.oasis-open.org> ystems.com> cc: Subject: [xacml] minutes of the XACML TC meeting of May 29, 2003 2003/05/30 01:45 Minutes for the XACML TC meeting of May 29, 2003 Members Present: CarlisleAdams, Simon Godik, Anne Anderson, Anthony Nadalin, Steve Crocker -- scribe, Bill Parducci, Hal Lockhart, Steve Anderson, Frank Siebenlist. Carlisletook role and quorum was reached. A motion to approve the TC meetings' minutes from 5/1/03and 5/15/03 was moved and approved. Anne made a motion to approve RBAC as an official work item, which was seconded, and no objections were made. Anne will put the RBAC proposal in an official OASIS format. The June 9 meeting will be focused on discussing the RBAC profile with three people from NIST. All are invited. The subcommittee meeting minutes will go to the general mailing list. Please put XACML and RBAC in the subject header to allow automatic mail filtering. The June 9 meeting will give a better indidation of how much work and how many meetings the RBAC work will require. Chances of being able to use the teleconference line for RBAC work is high. Carlislestepped through the items on today's adjenda: Item: 1.1 work items: Progress on 1.1 errata list is minimal. Simon had trouble with getting the XACML spec, errata list document from web site. Aim is to get it to a complete and correct reflection of the state of the spec. Anne has one new item to add to the list. At the end of the meeting, it was agreed to target the errata list in next week's working group meeting. Items A-H from the focus group meeting's items A: fully specified hierarchical resources-- needs more issues resolved B: adding ID attribute--can probably be dropped, no champion willing to save it. A motion was made to drop item B from 1.1, and seconded. no objections. Item B is dropped. C: deterministic algorithm for combining obligations-- AA: Seth Proctor wants to submit proposal, not for obligation, but for a deterministic algorithm (eval order) for evaluation. e.g.: algorithm is not free to skip unavailable policies. This would be a new XACML standardized combining algorithm. Hal: feels opposite, use cases are rare where order of evaluation matters. Those cases where order of eval effects obligations presented are rare. Some discussion on non-deterministic algorithms allow evaluation optimization. CA: may not be manditory to implement, but it would be standardized. AA: will make proposal for inclusion in 1.1 Motion was made to drop item C (combining obligations): moved, seconded, no objections. Item C is dropped. D: Obligations in rule elements: Allows the option to attach obligations to rules rather than just policies. AA: wants to delay to see details of what will go into the spec before approval. E: Condition References AA: Michiharu is ok with dropping this if references to rules are included. They can give the same effect. (see item H) H: References to Rules: proposal is mature are ready for vote: SG: how is equal to condition reference AA: If Michihara's proposal is for condition references only from the top level condition element in a rule, A rule reference could accomplish the same effect by wrapping the condition in a rule whose target is 'any' and refering to that rule. Confusion reigns, we'll have to get Michinvolved for clarification, and to look at it again. Reference is allowed to top level condition elements. F: properties for new combining algorithms: AA: thinks this is too open ended, need a use case Michiharu had a use case for a privacy policy. CA: need to see Michiharu's response to AA, so it stays on the list for next call. Michihara on the call would be very helpful G: Put environment in target element Michiharu is the source AA: resonable HL: generally opposed but if it's optional, doesn't affect those who don't need it, AA: use case: applicability based on time of day, policies that apply only during certain hours. HL: time (being continuous) is not a great candidate for discrete indexing. HL, CA: generally don't like it if it can be misused or abbused. CA: will this be backward compatible to 1.0 SG: wants list of attributes as indexing hints rather than extending the target. HL: suggests dropping for 1.1, maybe consider for 2.0, no objections. Motion to drop this proposal from consideration for 1.1 was moved, 2nd no objections. Item G dropped. Motion to adjorn, seconded, no objections. Upcoming events: Next week's focus group will discuss references to rules and the errata list. RBAC with NIST folks on June 9. Next full group meeting, June 11. A request was made for a sanity check for the proposed 1.1 time frame. You may leave a Technical Committee at any time by visiting http://www.oasis-open.org/apps/org/workgroup/xacml/members/leave_workgroup.php #### minutes_5_29_03.txt has been removed from this note on June 05 2003 by Michiharu Kudoh
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]