Re: [xacml] Re: PAP Architecture - Cohort requirements - TTL

[David Brossard <david.brossard@axiomatics.com>]

Wouldn't we want to express this with XACML attributes? Or is it seen as a separate concern that we do not want to mix with access attributes?

Could a digital signature or SAML assertion wrapping the XACML policy contain that information?

On Thu, Jul 12, 2012 at 9:04 PM, Bill Parducci <bill@parducci.net> wrote:

Yes. The additional precision of the time validity of the relationships is a nice refinement.

Thanks


b

On Jul 12, 2012, at 10:44 AM, Jean-Paul Buu-Sao <jean-paul.buu-sao@tscp.org> wrote:

> Bill, as discussed I updated the requirements on the Wiki to add your TTL requirement as a more general "validity" requirement, expressed as
>
> Validity: a policy cohort may be only valid between a start date/time and an end date/time (either boundaries can be omitted)
>
> Would it work?
> Thanks,
> Jean-Paul
>
> https://wiki.oasis-open.org/xacml/Policy%20Administration%20Point%20Architecture
>
> -----Original Message-----
> From: xacml@lists.oasis-open.org [mailto:xacml@lists.oasis-open.org] On Behalf Of Bill Parducci
> Sent: Thursday, June 28, 2012 22:35
> To: XACML TC
> Subject: [xacml] Minutes 28 June 2012 TC Meeting - UPDATED
>
> Time: 13:00 EDT (GMT-0400)
> Tel: 513-241-0892
> Access Code: 65998
>
> I  Roll Call&  Minutes
>
> Voting Members:
>  Crystal Hayes
>  Richard Hill
>  Rich Levinson
>  Hal Lockhart
>  Bill Parducci (minutes)
>  Erik Rissanen
>  Remon Sinnema
>  David Staggs
>  Danny Thorpe
> | John Tolbert
>
> Members
>  Jean-Paul Buu-Sao
>
> Quorum met: (100% per Kavi)
>
> I. Roll Call & Approve Minutes:
> Minutes from 14 June 2012 TC meeting voted upon.
>  APPROVED UNANIMOUSLY.
>
> II. Administrivia
>
> XACML v3 Combining Algorithm
>  Erik posted the CD version of Combining Algorithm
>  ACTION ITEM: Submit for Public Review (Erik)
>
> XACML TC Summary Overview
>  TC members encouraged to refine this on list.
>
> XACML Interop demo opportunities
>  https://lists.oasis-open.org/archives/xacml/201206/msg00034.htmlInterop
>  John noted that this was setup to effectively recreate the demo at
>  RSA. Interested parties should notify the Chairs or post to the
>  list. Should there be sufficient interest the demo email list will
>  be re-enabled to facilitate logistics.
>
> Oasis Cloud Auth TC
>  Remon attended the charter meeting for a new TC that is focused upon
>  authentication for cloud based systems XACML was mentioned several
>  times but no definitive decisions were made regarding any possible
>  coordination/overlap. Interested members may reach out to Oasis if
>  the are interested in learning more.
>
> III. Issues
>
> IPC Profile
>  The TC Admin notified the TC this morning that the submitted
>  documents will suffice and the CD is in the work queue for processing.
>
> Export Control US Profile, WD-04
>  John noted that the list has been quiet for several weeks and moved that the work be submitted to Oasis.
>
> VOTE:
>  Motion: Approve XACML 3.0 Export Compliance-US (EC-US) Profile
>  Version 1.0, Working Draft 4 as a Committee Draft
>  https://www.oasis-open.org/apps/org/workgroup/xacml/download.php?document_id=46169
>
>  Motion: John Tolbert
>  Second: Crystal Hayes
>  Vote: APPROVED unanimously
>
>  Motion: Approve XACML 3.0 Export Compliance-US (EC-US) Profile
>  Version 1.0, Committee Draft 02 for 15-day Public Review
>  https://www.oasis-open.org/apps/org/workgroup/xacml/download.php?document_id=46169
>
>  Motion: John Tolbert
>  Second: Crystal Hayes
>  Vote: APPROVED unanimously
>
> XACML v3.0 - Core
>  Jean-Paul will review the feedback/discussion from the list and
>  develop a set of responses that have been coordinated with TSCP.
>
>  Hal noted that Attestations of Use must now be made to a specific
>  Committee State. At such time as the TC's work products are ready
>  for consideration for Specification status the Chairs will put out
>  a request for Attestation to the specific Committee Specifications
>  being considered.
>
> Proposed PAP Architecture
>  Hal encouraged the TC to review and comment on the current listings.
>  Jean-Paul noted that the concept of a "Cohort" appears to have a lot
>  of potential and suggested that collecting a discrete set of
>  requirements would facilitate moving this concept forward. Remon
>  asked if this work is leading to a Profile. Hal offered that the
>  current work is centered around clarifying this topic but that the
>  TC is open to take this in any direction it thinks works best.
>
> JSON Mapping
>  No discussion. The TC is directed to provide input/feedback to the
>  mailing list.
>
> Metadata Schema
>  Remon voiced interest in picking up this work in the future.
>
> REST Profile
>  Hal reviewed the 2 solutions he posted to the list regarding the two
>  basic components of this topic.
>
> meeting adjourned.
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: xacml-unsubscribe@lists.oasis-open.org
> For additional commands, e-mail: xacml-help@lists.oasis-open.org
>

---------------------------------------------------------------------
To unsubscribe, e-mail: xacml-unsubscribe@lists.oasis-open.org
For additional commands, e-mail: xacml-help@lists.oasis-open.org

-- 
David Brossard, M.Eng, SCEA, CSTP
Product Manager
+46(0)760 25 85 75
Axiomatics AB
Skeppsbron 40
S-111 30 Stockholm, Sweden
http://www.linkedin.com/companies/536082
http://www.axiomatics.com
http://twitter.com/axiomatics