Minutes for 27 January 2011 TC Meeting

["Rich.Levinson" <rich.levinson@oracle.com>]

Time: 13:00 EDT
Tel: 513-241-0892 Access Code: 65998

Minutes for 27 January 2011 TC Meeting
 (from Bill thru multi-decision, from Rich for remainder):

I. Roll Call
 Voting Members
  Hal Lockhart (Chair)
  Bill Parducci (Co-Chair, minutes)
  Rich Levinson (minutes)
  Erik Rissanen
  Paul Tyson
  Doron Grinstein

 Non-voting Members
  Gregory Neven
  Franz-Stefan Preiss
  David Chadwick	Individual	Group Member
  Jan Herrmann	Individual	Group Member
  Anthony Nadalin	Microsoft Corporation	Group Member
  David Choy	EMC Corporation	Group Member

 Quorum met: (54% per Kavi)

II. Administrivia
 Approve Minutes:
  13 January 2010 TC Meeting:
  APPROVED unanimously

  Reminder of NIST IDTrust Call for Papers
   http://lists.oasis-open.org/archives/xacml/201101/msg00006.html

  Test Case Repo
   Bill noted that svn repo has 1.0 tagged, 1.1 is "trunk" in repo and 
   that if someone added in v2 we will need to be split it out so that
   1.1 can be tagged.


III. Issues

 v3 WSDL
  Doron offered to investigate contributing a v3 wsdl.

 Multi-decision
  Jan briefly reviewed his reply to the Users list. Paul agreed that
  using Attribute Selector would be difficult to implement.
  http://lists.oasis-open.org/archives/xacml/201101/msg00022.html

 Clarifications on Hierarchical Profile on xacml-users:
   rich: messages on this thread are something of a review of the
     decisions that went into the current 3.0 profile; no changes
     or issues have come up yet.
    http://lists.oasis-open.org/archives/xacml-users/201101/msg00015.html


 Attribute Assertions in XACML request
   suggestion (Rich): need to review replies from Greg, Paul:
    http://lists.oasis-open.org/archives/xacml/201101/msg00026.html
    http://lists.oasis-open.org/archives/xacml/201101/msg00023.html

   comment (Erik): following from Erik's email:
    Gregory's answer was that with the attribute approach it is necessary to 
    define an attribute identifier for each conditional one needs to use in 
    the policy, while this is not necessary with the predicate approach, 
    which, I agree, is a great benefit.
     http://lists.oasis-open.org/archives/xacml/201101/msg00018.html


   discuss(Paul, Franz-Stefan): Paul's wiki page and Franz-Stefan comments:
    http://lists.oasis-open.org/archives/xacml/201101/msg00021.html

	hal, david chadwick had discussion on amf files, as they
	 relate to user attributes from creds to xacml attrs

	on credentials david c addressed topic w cred validation
	 service, turn them into xacml attrs and feed into pdp

	specialized pip - open grid impl - paper in international
	 journal xacml support multi-domain delegation of authority
	 see David's pubs at Kent site

	used ws-trust to talk to credential validation - in box
	 standard way. if pep doesn't want to talk to ws-trust they
	 can use alternative authority

	greg: david and he have had discussions on credentials;
	 cred-based is not what trying to give committee yet.

	paul: are david and greg having the same "interpretation"
	 of "credential"

 Stephen legg questions on xacml-comment list 
	we need to incorporate any fixes etc to errata, new versions

 Other business:

	hal: next call in 2 weeks: 10-feb-11 
	 meeting adjourned

 not discussed yet:

  BTG Profile (Break The Glass): (not addressed last mtg so remains on agenda)
   original (David): http://lists.oasis-open.org/archives/xacml/201011/msg00017.html

  PIP directive (additional information directives)
   original (David): http://lists.oasis-open.org/archives/xacml/201010/msg00005.html
   latest: http://lists.oasis-open.org/archives/xacml/201012/msg00022.html