[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes 18 January XACML TC Meeting
I Roll Call & Minutes Attendees Hal Lockhart (Co-chair) Bill Parducci (Co-chair, minutes) Anthony Nadalin Abbie Barbir Erik Rissanen Anne Anderson Seth Proctor David Staggs Kamalendu Biswas Argyn Kuketayev Rich Levinson Quorum was achieved (84% per Kavi) VOTE: Unanimous APPROVAL of revised minutes from 4 January 2007 II Administrivia F2F Tentative date was chosen as March 13th-14th TC will propose potential locations to the list Bill will generate a new ballot based upon proposed locations Anne has posted the References document to the site. Anne has linked an updated XACML References and Products document to the TC Web Page. III Issues Issue #34 Erik raised "import circularity" issues introduced in v3 as a result of Policy Issuer being required for the Policy Schema. The TC discussed how best to deal with this. The general consensus of the TC that the Context and Policy Schemas be merged. Issue #5: Policies included in a decision request Anne will repost her proposal on the list in response to discussion on the list. Anne proposed semantics for policies that are provided by a PEP as part of an authorization decision request. The version in http://lists.oasis-open.org/archives/xacml/200701/msg00013.html was generally approved, with three changes: 1) these policies will be part of the SAML XACMLAuthzDecisionQuery, not part of the core Request Context, 2) Change "MAY" to "MUST" in: "the policies MAY be used by the PDP for evaluation of the current authorization decision request only", 3) make it clear that the combining algorithm by which these policies are combined with other applicable policies is the one in the "top level/root policy" used by the PDP, and not some new combining algorithm. Anne will redraft this for inclusion in the next release of the 2.1 version of the XACML SAML Profile. Issue #35: Attribute timing The issue concerns a PDP that wants to advertise whether it uses Attribute values as of the time of policy evaluation vs. Attribute values as of the time the policy was issued. Anne's proposal is that these options be included in the mechanism proposed in Issue #36: PDP metadata; in fact, attribute timing is already listed in that issue as a potential metadata element. The TC approved this approach to advertising attribute timing, so Issue #35 is CLOSED. Issue - New Erik reviewed an earlier discussion on Administrative Policy reduction and will post and outline of the Issue and a proposed solution to the list. meeting adjourned.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]