OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Minutes for 8 August 2013 TC Meeting


Time: 16:30 EDT (GMT-0400)
Tel: 513-241-0892
Access Code: 65998

Minutes for 8 August 2013 TC Meeting

I. Roll Call & Minutes

  Roll Call:

Achieved quorum	yes
Voting Members: 9 of 10 (90%) (used for quorum calculation) 
Crystal Hayes
Richard Hill
Steven Legg
Rich Levinson
Hal Lockhart
Bill Parducci
Remon Sinnema
John Tolbert
Mohammad Jafari

Attending members (non-voting):
Greg Smith
	
  bill: we have quorum

  Approve Minutes:
   25 July 2013 TC Meeting
   https://lists.oasis-open.org/archives/xacml/201307/msg00026.html

  hal: any objections to unanimous consent? none heard.


II. Administrivia

  RSA Europe (ray: anyone attending?):
   https://lists.oasis-open.org/archives/xacml/201307/msg00031.html

    no comments


  IDtrust Steering Committee annual Nominations and Election Process
   https://lists.oasis-open.org/archives/xacml/201308/msg00000.html
    * extended until Aug 16, 2013

  NIST SP 800-162 public review extended (hal: extended to 8/16):
   "Guide to Attribute Based Access Control (ABAC) Definition and Considerations”
    (note: still same version we reviewed in spring 2013: last mod: 4/24/13: 11:34AM)
   https://lists.oasis-open.org/archives/xacml/201307/msg00019.html  

     nothing new on this item   


  Request / Response Interface based on JSON and HTTP for XACML 3.0 Version 1.0 uploaded
   https://lists.oasis-open.org/archives/xacml/201307/msg00004.html  
    was voted last mtg to Committee Draft status, and to be put
     out for 30-day public review: progress?

  hal: note from chet today: tickets in queue from tc admin
  chet's email:
    https://lists.oasis-open.org/archives/xacml/201308/msg00014.html


  Wish List for XACML (steven - added new items)
    https://lists.oasis-open.org/archives/xacml/201307/msg00027.html
   wiki (full list):
     https://wiki.oasis-open.org/xacml/WishList

    hal: feedback on new version: ranges from not essential at this time,
	to a really bad idea at this time.
       working model for now is building on existing concepts.

    steven: should go in errata, not wish list

    bill: emailed link to errata page:
	https://wiki.oasis-open.org/xacml/XacmlErrata
	 (https://lists.oasis-open.org/archives/xacml/201308/msg00015.html)

III. Issues

  Target definition (john):
   https://lists.oasis-open.org/archives/xacml/201308/msg00002.html

  hal: in 3.0 we changed the details, but high level defn not clear
  john:
    3.0--
      Target
        The set of decision requests, identified by definitions for resource, subject
         and action that a rule, policy, or policy set is intended to evaluate
    Proposed--
      Target
        The set of decision requests, identified by definitions for resource, subject
         and action that a PDP is intended to evaluate according to the applicable
         rule, policy, or policy set


  Resource location (john):
   https://lists.oasis-open.org/archives/xacml/201308/msg00007.html

    john: wouldn't it be better to import rules: DLP fcns (data loss prevention):
      how to stdize policy, rules for interoperable notions of how these
      std ops are protected:
     considering writing proposed profile to address this notion;
     also building policies around some std policies
    richard: is network access part of dlp or not?
    john: probably overlaps; dlp profile, nac profile,


  How to get attributes from other categories (continued)
   steven: https://lists.oasis-open.org/archives/xacml/201308/msg00001.html
   rich:   https://lists.oasis-open.org/archives/xacml/201307/msg00030.html
   steven: https://lists.oasis-open.org/archives/xacml/201307/msg00029.html
   rich:   https://lists.oasis-open.org/archives/xacml/201307/msg00028.html
   steven: https://lists.oasis-open.org/archives/xacml/201307/msg00015.html
   https://lists.oasis-open.org/archives/xacml/201307/msg00011.html
        

    rich: explained email (that was sent after agenda):
      https://lists.oasis-open.org/archives/xacml/201308/msg00013.html

    steven: has not read email yet, but wanted to mention the discussion
	on the "XPathCategory issue that rich raised:
        claims there is no sense of redirection intended, even though
	 it could be technically used in that manner, but
	 that would be beyond the scope of the current spec defn.
	context selector id that attr selector specifies
	 impression primary use case is xpath selector fcn,
         and that is restricted to current category.

    rich: it is that restriction, that iro (in rich's opinion),
	effectively renders XPathCategory redundant and useless,
	so logical conclusion is that if this xml attr has been
	added, it must have some purpose, and, in order to give
	it any possible purpose, the restriction must be removed.
	(keeping in mind that the analysis leading to this
	 conclusion is possibly wrong as well, in which case
	 clarification is requested to explain the usage)


    hal: have we created functionality that is not usable; people
	need to look at xpathcategory

         define use cases - can they be separated;
	  try to separate threads for xpathcategory, the use case itself,
	   etc. i.e. what issues were dropped in rich's latest email
	   that tried to re-baseline the discussion.
  ->       rich will send email to try to sort things out, as
	    he already has notes to that effect which were
	    not included in latest email.

	 attrs of relations, easy to find info when; where are the
	  cross correlations going to be kept? 


    hal: any additional joiners:
	mohammad: joined just after roll call
	greg smith: from boeing, please add to list

	meeting adjourned: ~5:10PM EDT
--
Thanks, Rich

Oracle
Rich Levinson | Internet Standards Security Architect
Mobile: +1 978 5055017
Oracle Identity Management
45 Network Drive | Burlington, Massachusetts 01803

Green
            Oracle Oracle is committed to developing practices and products that help protect the environment



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]