[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes 15 February XACML TC Meeting
(Sorry for the lateness of these, just realized that the Draft was sitting on my mail client) Minutes of XACML TC Meeting 15 February 2007 I Roll Call & Minutes Attendees Hal Lockhart (Co-chair) Bill Parducci (Co-chair, minutes) Erik Rissanen Anne Anderson Seth Proctor David Staggs Ron Williams Prateek Mishra Tony Nadalin Rich Levinson Sekhar Sarukkai (Securent; intends to be voting member) Quorum was achieved - Review minutes from 1 February TC meeting http://lists.oasis-open.org/archives/xacml/200702/msg00001.html UNANIMOUS CONSENT - F2F IBM has offered to host the F2F in its Austin facility (Texas Star Room) on March 13 & 14. This room has Internet access, but lacks call-in facilities. IBM has also offered to provide a morning snack, lunch and afternoon snack on one or both days, depending upon schedule. Basic agenda (timing) needs to be determined to allow for travel planning by attendees. Meet 9-5 both days. IBM needs a list of names and companies for the Internet access setup. Bill will initiate a poll to see who will be attending. - Interop call on Tuesday Meeting of people interested in participating in an OASIS-sponsored interop event. Event will occur at Burton Group conference late June 2007. Burton Group.com has link on front page. All invited to participate. Mailing lists: xacml-demo-tech, xacml-demo-mktg (marketing). Join instructions at OASIS lists server. Network Application Consortium (NAC) also interested in an interop event, but their meeting is in April, which is probably too early for participants to prepare. - Prateek's presentation at RSA and related XACML issues http://lists.oasis-open.org/archives/xacml/200702/msg00009.html Raises some potential work items. Hal will initiate a discussion on the TC mailing list around each issue. Need to be addressed soon if they are to make XACML 3.0. Prateek says he got a very reasonable audience for an 8am talk on standards: people are really interested in XACML and are using it. Hal last year was in last slot of the conference, yet got a packed room. - v1.1 Schema change clarification http://lists.oasis-open.org/archives/xacml/200702/msg00007.html 1.1 schemas are the same as 1.0; only backward compatible changes and clarifications. Issues #40 <ResourceContent> element http://lists.oasis-open.org/archives/xacml/200702/msg00002.html Erik recommends for backwards compatibility that this element be allowed to occur in any Attributes category. E.g. attributes of a Subject could be described in an XML document. If <ResourceContent> is outside the Attributes for a Resource, it is hard to support multiple resources, since <ResourceContent> is not linked to the corresponding resource Attributes group. APPROVED. #64 Simplified treatment of administrative deny http://lists.oasis-open.org/archives/xacml/200701/msg00019.html Erik's recommendation: Deny on an administrative request is not discarded in policy set evaluation, but when we do reduction, we only look for policies which say Permit and ignore those which say deny. APPROVED. #63 Generalization of multiple resources http://lists.oasis-open.org/archives/xacml/200701/msg00018.html Problem with pairing Resource with the Decision. Multiple Subjects is different because all Subjects participate in a single request; multiple Resources is optimization for submitting multiple requests, one for each Resource. Existing semantics do not actually capture intent to allow multiple intermediate subjects. Should also be able to have multiple codebase subjects. DEFER. Hold more discussion on the list. #5 Policies included in a decision request http://lists.oasis-open.org/archives/xacml/200702/msg00004.html Alternative way to address case where one doesn't want submitted policies combined with PDP's normal set is to have multiple PDPs, one of which does not use any other policies. APPROVED. Could revisit later if problems arise. #50 Maxdepth with attribute categories http://lists.oasis-open.org/archives/xacml/200702/msg00013.html Erik does not yet have a proposal for this, but wants people to be aware of it. May want to redefine current DelegationInfo so that only a single delegation depth is supported for administrative policy evaluation. DEFERRED pending discussion and proposal. #65 Defaults in policies http://lists.oasis-open.org/archives/xacml/200702/msg00014.html XML Schema experts minimize use of defaults, because not always consistently applied - some know default and fill it in, but others don't. Recommendation: do not define any more defaults in general. Could take up individual values if people see value in that. APPROVED Next call 1 March 2007.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]