Re: [xacml] Minutes for 26 May TC Meeting - UPDATED

[David Brossard <david.brossard@axiomatics.com>]

Hi all,

Minor changes inline - typo in my last name and change from Dave Chadwick to me.

Kind regards,
David.

On Thu, May 26, 2011 at 5:14 PM, Bill Parducci <bill@parducci.net> wrote:

I. Roll Call
 Voting Members
 Hal Lockhart (Chair)
 Bill Parducci (Co-Chair, minutes)
 Paul Tyson
 Doron Grinstein
 Remon Sinnema
 Anthony Nadalin
 Rich Levinson
 Hal Lockhart
 John Tolbert

 Member
|  David Broussard

Should read: David Brossard

 Quorum NOT met: (47% per Kavi)

I. Roll Call & Approve Minutes:
 Minutes
 NO vote on minutes for 19 May 2011 TC Meeting

II. Administrivia
 Hal noted that he will request at that next call we move back to
 biweekly calls.

 XACML 3.0 core wd 20 uploaded
 The TC is encouraged to review.

 F2F
 Hal will create a poll to gather the final attendance count for the
 F2F.

III. Issues Discussed
 PDP REST Interface (PAP)
 Hal noted that the current thinking on the list attribute
 information would be in JSON and transported using a POST over HTTP
 with the response. He offered that he personally would like to see
 this done in such a way that doesn't cap the functionality.

 David Chadwick concurs with this and noted that his current
 prototype doesn't cover Multiple Resources, but that this isn't part
 of the Core spec.

should read David Brossard concurs...

 Paul pointed out that the W3C is working to develop standardized
 mechanisms for expressing RDF graphs and that XACML fits within the
 scope of this work. Therefore the TC should consider building upon
 that work. Alternatively, he offered that a "bridge" between XACML
 and the W3C work may be developed.

 Hal countered that direct association with the concept of "Semantic
 Web" work may defeat the underlying driver for this project
 (enhanced approachability of XACML).

 Paul noted that he is not against any efforts to make XACML more
 approachable in HTTP based environments.

 XACML Implementers Guide
 Rich reviewed his position on the ramifications of how the current
 direction on extended Indeterminate response and what it may mean to
 new adopters. This lead to the revival of the Adopters Guide. Rich
 asked that the TC consider adding/updating content to the guide as
 for changes to the spec/Profiles that have been added since the
 guide

IV. New Issue
 Permit|Deny Bias PDPs & Extended Indeterminate
 Rich introduced and issue that was derived from comments by
 Indeterminate (D|P) results need to be percolated up to the response
 when generated by PDP bias.

 Paul asked for clarification where Ind(D|P) would be applicable in a
 real world example. He noted that and Ind(D) could not be converted
 into a Permit. Rich offered that additional Attributes could result
 in a N/A. Paul replied that this still doesn't result in a practical
 Use Case. Rich suggested that the TC dig into Chapter 2 of the
 Implementor's Guide to begin the clarification process.

 Obligations/Advice combining ambiguities.
 Rich asked for input on the current understanding on how Obligations
 /Advices are combined in a deterministic manner. Hal reviewed the
 historical context of the desire for unordered evaluation. Rich
 will post a proposed solution to the list that is based upon the
 concept of a "default" behavior, that is followed by a list of an
 enumerated list of Obligations/Advices that are attempted.

V. Carryover Issues
 Indeterminate Policy Target handling
 http://lists.oasis-open.org/archives/xacml/201105/msg00090.html

 PDP REST Interface - proposal
 http://lists.oasis-open.org/archives/xacml/201105/msg00056.html
 http://lists.oasis-open.org/archives/xacml/201105/msg00086.html
 ("Towards the creation of XACML PEPs")

 Attribute predicate profile for SAML and XACML
 http://lists.oasis-open.org/archives/xacml/201105/msg00088.html

 XACML Metadata
 http://lists.oasis-open.org/archives/xacml/201105/msg00004.html

 Attribute predicate Profile for SAML and XACML
 http://lists.oasis-open.org/archives/xacml/201104/msg00080.html

 Break The Glass Profile
 http://lists.oasis-open.org/archives/xacml/201104/msg00082.html

 Profile Examples (Hierarchy)
 http://lists.oasis-open.org/archives/xacml/200910/msg00024.html

 PIP directive (additional information directives)
 http://lists.oasis-open.org/archives/xacml/201010/msg00005.html

 Usage of status:missing-attribute in case of an AttributeSelector
  http://lists.oasis-open.org/archives/xacml/201104/msg00003.html

 "Web Friendly" Policy Ids
  http://lists.oasis-open.org/archives/xacml/201103/msg00046.html

 Specifying a specific associated Resource in a Policy (Sticky Policies)
 http://lists.oasis-open.org/archives/xacml/201103/msg00012.html


meeting adjourned.

Next meeting June 2, 2010.


---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail.  Follow this link to all your TCs in OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php

-- 
David Brossard, M.Eng, SCEA, CSTP
Solutions Architect
+46(0)760 25 85 75
Axiomatics AB
Skeppsbron 40
S-111 30 Stockholm, Sweden
http://www.linkedin.com/companies/536082
http://www.axiomatics.com
http://twitter.com/axiomatics