[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Proposed agenda - August 5 TC meeting
Date: Thursday, August 5, 2004 Time: 10:00 AM EDT Tel: 512-225-3050 Access Code: 65998 Proposed Agenda: 10:00-10:05 Roll Call and Agenda Review 10:05 - 10:10 Vote on approval of minutes from July 8 & 22 meetings: http://www.oasis-open.org/archives/xacml/200407/msg00013.html http://www.oasis-open.org/archives/xacml/200407/msg00087.html 10:10 - 10:55 Review of Current Proposals 1. XACML XML DSig Profile - Anne a. Canonicalization PROPOSAL: rewrite the XACML XML DSig Profile to say "XACML RECOMMENDS encapsulating XACML schema instances in SAML Queries and Assertions as described in the XACML Profile for SAML 2.0, and signing the SAML instance according to the SAML digital signature mechanisms." and then listing various canonicalization issues that SHOULD be addressed (taken from the Committee Draft above), but not make any recommendation about how to resolve them. b. Signatures on referenced PolicySets and Policies PROPOSAL: (Go back to) allow an optional Name="Hash" Type="xml:hexBinary"? XML attribute in a <PolicyIdReference> or <PolicySetIdReference>, specified as MD5-SHA1 (or some other specific algorithm) for interoperability. 2. XACML Profile for Role Based Access Control (RBAC), Version 2.0 a. Separation of Duty - Anne PROPOSAL: Anne to continue work on Profile independently of XACML 2.0 progress. 3. XACML Profile for Request for Multiple Resources No known issues. TC to review and comment. 4. XACML Profile for Hierarchical Resources - Anne, Daniel a. URI for support for resource-ancestor, resource-parent PROPOSAL: Anne proposes that the XACML Profile for Hierarchical Resources not define a special URI for this mechanism. If an implementation needs an identifier to indicate that it supports these Attributes, then the URIs of the Attributes themselves could be used for this purpose. PROPOSAL: Daniel proposes that we have a URI defined for use in indicating support for these Attributes as a hierarchical resource mechanism. 5. Privacy policy profile of XACML No known issues. TC to review and comment. 6. XACML Profile for SAML 2.0 - Anne a. Populating SAML Response/Status/StatusCode/Value PROPOSAL: The following are the only permitted values, as specified by SAML. Anne proposes they be used as described. o urn:oasis:names:tc:SAML:2.0:status:Success The request succeeded [a Statement is encapsulated] o urn:oasis:names:tc:SAML:2.0:status:Requester The request could not be performed due to an error on the part of the requester. o urn:oasis:names:tc:SAML:2.0:status:Responder The request could not be performed due to an error on the part of the SAML responder or SAML authority. o urn:oasis:names:tc:SAML:2.0:status:VersionMismatch The SAML responder could not process the request because the version of the request message was incorrect. b. Populating SAML Assertion/Conditions and Assertion/Advice PROPOSAL: Anne proposes that our Profiles not specify any values for these, but say a Requester and Responder MAY agree to add Conditions or Advice appropriate for their environment and protocol agreements. 7. Delegation - Simon No proposal to date. 10:55 - 11:00 General Business 1. Review of Current Proposals Tim has posted the latest version of the specification for TC review. 2. OASIS IPR Policy Oasis has made significant changes to its IPR policy. All members of the TC are encouraged to review this policy. b
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]