Minutes of 1 April 2004 XACML TC Meeting

[Bill Parducci <bill.parducci@overxeer.com>]

XACML TC General Body Meeting Minutes
1 April 2004; Time: 10:00 AM EDT

Attendees:
Anne Anderson
Hal Lockhart
Michiharu Kudo
Steve Anderson
Michael McIntosh
Tim Moses
Simon Godik
Daniel Engovatov
Seth Proctor
Polar Humenn
Frank Siebenlist
Bill Parducci
Ed Coyne
Tony Nadalin

Quorum reached.

Agenda:

1. Minutes from 18 March meeting voted upon. Move to accept: Michael. Second:
Steve. Approved unanimously.

2. SAML/XACML Attribute Harmony
Key issue: whether it is acceptable for XACML to meet some of the SAML attribute
requirements, specifically re: ValueType. Data typing, desired by XACML, will
not likely be adopted by SAML; discussion centered around willingness of
committee to adopt ad hoc mappings during implementation. General feeling is
that SAML adopters will likely require this functionality in the future, even
though current implementations may not clearly see the need for such. Anne:
suggest optional elements to address this issue. Hal: felt that optional
attributes is worth defending back to SSTC, suggested discussion at next SSTC
Focus Group call. The SSTC Focus Group call is Tuesday NOON (ET).

4. Documentation Update (Tim Moses)
Draft 7 in circulation, still missing concrete proposal on a couple of proposals
(Tim posted to list this morning). Draft 8 pending approval of a few remaining
Work Items, so currently on hold.

6. Work Items (Anne Anderson)
WI #7: Condition Reference
Need to reach consensus (champions have not worked on since last TC call). Tim
posted an alternative to Simon's proposal; Simon inquired into placement of
elements; Tim could not find a mechanism to make structure FINAL, and consensus 
was to leave placement of variables freely interspersed. Move to accept
as stated in Draft 7: Anne. Second: Tim. Approved unanimously.

WI #10:
Parameters for Combining Algorithms: Draft version in Draft 7. Michiharu & Polar
still discussing on list. Issue will parameter sets be in the Type system. Polar
suggests that it is better to keep parameters separate from algorithms for
grouping and association. It is commonly agreed that there is a Type system, but
there is significant dissension on the semantics of the sequence of 
CombinerParameters and how they are associated with <Rules>. That and the fact 
that Michiharu left the call earlier requires this to be brought to closure on 
the list.

WI #18: Obligations in Rules
Options are:
1) Force determinism in which Obligations will be returned by
    requiring evaluation of the entire policy tree at the cost of
    efficient evaluation of distributed policies.
2) Accept non-determinism by not requiring evaluation of entire
    tree, but allow determinism by use of the ordered-* versions
    of the combining algorithms.
3) Drop this work item.  Note that XACML 1.1 allows users to
    control the trade off between determinism in which Obligations
    are returned and efficient evaluation of distributed policies
    by allowing use of the ordered-* versions of the combining
    algorithms.

Polar is opposed to non-deterministic mechanisms in a standard.

SEE LIST FOR MORE DETAILED REVIEW OF WORK ITEMS (Anne to post update)

Meeting Adjourned.