Subject: Minutes for 8 August 2013 TC Meeting
Time: 16:30 EDT (GMT-0400)
Tel: 513-241-0892 Access Code: 65998

Minutes for 8 August 2013 TC Meeting

I. Roll Call & Minutes

  Roll Call:
    Achieved quorum yes
    Voting Members: 9 of 10 (90%) (used for quorum calculation)
      Crystal Hayes
      Richard Hill
      Steven Legg
      Rich Levinson
      Hal Lockhart
      Bill Parducci
      Remon Sinnema
      John Tolbert
      Mohammad Jafari
    Attending members (non-voting):
      Greg Smith

    bill: we have quorum

  Approve Minutes:
    25 July 2013 TC Meeting
    https://lists.oasis-open.org/archives/xacml/201307/msg00026.html
    hal: any objections to unanimous consent? none heard.

II. Administrivia

  RSA Europe (ray: anyone attending?):
    https://lists.oasis-open.org/archives/xacml/201307/msg00031.html
    no comments

  IDtrust Steering Committee annual Nominations and Election Process
    https://lists.oasis-open.org/archives/xacml/201308/msg00000.html
    * extended until Aug 16, 2013

  NIST SP 800-162 public review extended (hal: extended to 8/16):
    "Guide to Attribute Based Access Control (ABAC) Definition and Considerations"
    (note: still same version we reviewed in spring 2013: last mod: 4/24/13: 11:34AM)
    https://lists.oasis-open.org/archives/xacml/201307/msg00019.html
    nothing new on this item

  Request / Response Interface based on JSON and HTTP for XACML 3.0 Version 1.0 uploaded
    https://lists.oasis-open.org/archives/xacml/201307/msg00004.html
    was voted last mtg to Committee Draft status, and to be put out for 30-day public review: progress?
    hal: note from chet today: tickets in queue from tc admin
    chet's email: https://lists.oasis-open.org/archives/xacml/201308/msg00014.html

  Wish List for XACML (steven - added new items)
    https://lists.oasis-open.org/archives/xacml/201307/msg00027.html
    wiki (full list): https://wiki.oasis-open.org/xacml/WishList
    hal: feedback on new version: ranges from not essential at this time, to a really bad idea at this time. working model for now is building on existing concepts.
    steven: should go in errata, not wish list
    bill: emailed link to errata page: https://wiki.oasis-open.org/xacml/XacmlErrata
      (https://lists.oasis-open.org/archives/xacml/201308/msg00015.html)

III. Issues

  Target definition (john):
    https://lists.oasis-open.org/archives/xacml/201308/msg00002.html
    hal: in 3.0 we changed the details, but high level defn not clear
    john:
      3.0-- Target
        The set of decision requests, identified by definitions for resource, subject and action that a rule, policy, or policy set is intended to evaluate
      Proposed-- Target
        The set of decision requests, identified by definitions for resource, subject and action that a PDP is intended to evaluate according to the applicable rule, policy, or policy set

  Resource location (john):
    https://lists.oasis-open.org/archives/xacml/201308/msg00007.html
    john: wouldn't it be better to import rules: DLP fcns (data loss prevention): how to stdize policy, rules for interoperable notions of how these std ops are protected: considering writing proposed profile to address this notion; also building policies around some std policies
    richard: is network access part of dlp or not?
    john: probably overlaps; dlp profile, nac profile,

  How to get attributes from other categories (continued)
    steven: https://lists.oasis-open.org/archives/xacml/201308/msg00001.html
    rich: https://lists.oasis-open.org/archives/xacml/201307/msg00030.html
    steven: https://lists.oasis-open.org/archives/xacml/201307/msg00029.html
    rich: https://lists.oasis-open.org/archives/xacml/201307/msg00028.html
    steven: https://lists.oasis-open.org/archives/xacml/201307/msg00015.html
      https://lists.oasis-open.org/archives/xacml/201307/msg00011.html

    rich: explained email (that was sent after agenda): https://lists.oasis-open.org/archives/xacml/201308/msg00013.html

    steven: has not read email yet, but wanted to mention the discussion on the "XPathCategory" issue that rich raised: claims there is no sense of redirection intended, even though it could be technically used in that manner, but that would be beyond the scope of the current spec defn. context selector id that attr selector specifies impression primary use case is xpath selector fcn, and that is restricted to current category.

    rich: it is that restriction, that iro (in rich's opinion), effectively renders XPathCategory redundant and useless, so logical conclusion is that if this xml attr has been added, it must have some purpose, and, in order to give it any possible purpose, the restriction must be removed. (keeping in mind that the analysis leading to this conclusion is possibly wrong as well, in which case clarification is requested to explain the usage)

    hal: have we created functionality that is not usable; people need to look at xpathcategory define use cases - can they be separated; try to separate threads for xpathcategory, the use case itself, etc. i.e. what issues were dropped in rich's latest email that tried to re-baseline the discussion.

    -> rich will send email to try to sort things out, as he already has notes to that effect which were not included in latest email.

    attrs of relations, easy to find info when; where are the cross correlations going to be kept?

  hal: any additional joiners:
    mohammad: joined just after roll call
    greg smith: from boeing, please add to list

meeting adjourned: ~5:10PM EDT

--
Thanks, Rich