[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes 13 June 2013 TC meeting
Time: 16:30 ET (GMT-0500)
Tel: 513-241-0892
Access Code: 65998
I. Roll Call
Voting Members:
Hal Lockhart (Chair)
Bill Parducci (Chair)
Crystal Hayes
Richard Hill
Mohammad Jafari
Steven Legg
Remon Sinnema
John Tolbert
Members
David Brossard
Quorum met: 72%
Approve Minutes:
30 May 2013 TC Meeting
Approved unanimously
II. Administrivia
Request/Response Interface based on JSON and HTTP for XACML 3.0 Version 1.0 uploaded
David: Request's feedback. will upload a clean version and will
submit for Committee Draft. TC members encouraged to review.
David noted that Attributes were mapped to Category in JSON.
Steven/Hal: noted that Rich was in favor of Entity.
There were no objections to the use of Entity. This will be
reflected in the next version.
Hal: This will be a 30-day review since it is the first review.
Response to NIST
Hal: response to NIST ABAC document was sent.
NIST ABAC Workshop
Hal and John Tolbert received invites.
John: reviewed the context of NIST work based upon his recent
interaction with the group. John has extended an invitation
to anyone in the TC who is interested to participate. Hal and
someone from Axiomatics will be in attendance for this 1-day
event in Maryland.
Export Compliance Profile Candidate Oasis Standard: PASSED
IPC Profile Candidate Oasis Standard: PASSED
ACTION ITEM: Editors are requested to begin collecting the
materials necessary for submission of vote for
specification. (Section 3.4.1, Items A-K)
John: Would like to submit both of these with REST
REST Profile Candidate Oasis Standard: FAILED
VOTE to request TC Administration to start a Special Majority Vote to
approve Committee Specification REST Profile of XACML v3.0, Version 1.0
as an Oasis Standard.
Authoritative Version:
http://docs.oasis-open.org/xacml/xacml-rest/v1.0/cs01/xacml-rest-v1.0-cs01.doc
Motion to request: Remon Sinnema
Second: David Broussard
VOTE: Approved unanimously
TCG TNC MAP Content Authorization Spec
Richard: This specification is much detailed than the Profile that
was submitted. Should the comments be submitted individually or rolled-up?
Hal: The TC is encouraged to review the work. Individual feedback
is the only practical manner given the timeline.
III. Issues
NEW
OAuth Scope expressed in XACML
Hal: briefly reviewed OAuth and how XACML fits in with OAuth "Scope".
This approach solves a perceived gap in OAuth using mostly
existing XACML machinery. The solution depends upon a mapping
of XACML Policy onto JSON.
XSPA New Use Case
Mohammad: A Policy is dynamically created in the Request Context.
The goal is to attach a Policy with the request and
submit it to the PDP.
Hal: v3.0 this can be supported with administrative delegation
Profile. They exist in the Request Context, but require an
Admin Policy that allows the requester to evoke that policy.
Steven: This is actually in the SAML Profile. Also, the JSON
encoding doesn't provide this capability in a Request.
Distribution of obligations across multiple handlers
Use cases posted to wiki
TC Members encouraged to review.
JSON Profile - "Category vs Entity|Object issue"
No discussion.
Generalizing on-permit-apply-second
Bill: I'm withholding further comment until Erik is able post his
proposal.
Errata: XPathCategroy
Hal: This bring to mind the effort to track v3.0 errata.
ACTION ITEM: Bill to check status.
Obligations & Combining Algorithms
Steven: Looking for a way to make Obligations easier to handle to
avoid making big changed to the Core spec. Erik has since
then come back suggesting that we may wish to pursue
something more aggressive.
Hal: This is something that we will likely need to get a handle on
pretty soon given the increase in interest in the area.
meeting adjourned.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]