Time: 4:30 EDT (-0400 GMT) Tel: 513-241-0892 Access Code: 65998 Minutes for 26 June 2014 TC Meeting I. Roll Call & Minutes roll call: we have quorum Attendance Voting Members Crystal Hayes The Boeing Company Mohammad Jafari Veterans Health Administration Rich Levinson Oracle Hal Lockhart Oracle Erik Rissanen Axiomatics Remon Sinnema EMC John Tolbert The Boeing Company Quorum achieved. Approve Minutes: 12 June 2014 TC Meeting - updated https://lists.oasis-open.org/archives/xacml/201406/msg00019.html rich: note: fwd'd version that is not in archives, we are approving the replacement that was fwd'd approved no objection II. Administrivia Note: no new msgs on maillist since last mtg minutes https://lists.oasis-open.org/archives/xacml/201406/maillist.html Follow-up items from last mtg minutes: Hierarchical Resource Profile published https://lists.oasis-open.org/archives/xacml/201406/msg00001.html xacml tc home page updated ok Digital Signature Profile published https://lists.oasis-open.org/archives/xacml/201406/msg00002.html ok XACML SAML Profile Version 2.0 15-Day Public Review - ended June 17, 2014 https://lists.oasis-open.org/archives/xacml/201406/msg00003.html hal: any comments? just one w "hyphen" issues erik to fix the hyphens, we will vote after the update made XACML REST Profile uploaded https://lists.oasis-open.org/archives/xacml/201406/msg00009.html included tc approved rename; tc was given time to review chgs hal: been out for tc review for 2 weeks, can move fwd, ray: bunch of small chgs, no comments, fine to move along ray: chg to "normative" motion: move to cs-draft ray moves crystal second no objections to unanimous consent motion: 15d pub rev: ray: moves to 15-day pub rev crystal seconds no objections to unanimous consent rich: official motion and votes follow: XACML REST Profile Version 1.1 - Approve a Committee Specification Draft Ray: I move that the TC approve "XACML REST Profile Version 1.1, Working Draft 08, 10 June 2014" and all associated artifacts packaged together in https://www.oasis-open.org/apps/org/workgroup/xacml/download.php/53260/xacml-rest-v1.1-wd08.doc as a Committee Specification Draft and designate the .doc version of the specification as authoritative and to be published to the repository. Crystal: second VOTE: APPROVED UNANIMOUSLY ACTION ITEM: TC Chairs to submit request to Oasis to create the CSD XACML REST Profile Version 1.1 - Approve a Committee Specification Draft for 15d Public Review Ray: I move that the TC approve "XACML REST Profile Version 1.1, Working Draft 08, 10 June 2014" and all associated artifacts packaged together in https://www.oasis-open.org/apps/org/workgroup/xacml/download.php/53260/xacml-rest-v1.1-wd08.doc as a Committee Specification Draft and designate the .doc version of the specification as authoritative and to be published to the repository. to be made available for Public Review. Crytal: Second VOTE: APPROVED UNANIMOUSLY ACTION ITEM: TC Chairs to submit request to Oasis to announce a 15d public review. hal: ok, we will ask tc-admin for pub review DLP-NAC Profile https://lists.oasis-open.org/archives/xacml/201406/msg00006.html uploaded: https://lists.oasis-open.org/archives/xacml/201406/msg00010.html action from last mtg: follow up on datatype issue w ipaddress hal: looking for volunteer; may be hal hal: looking at subject: requesting machine, etc. each of those parties can be acting independently; codebase, person, etc. ip-addr probably only w machine there are attrs proposed in section that just says subject, which includes subject-categories, which seems somewhat contradictory asymmetry in current xacml; practical issue is how should these attrs define which subpolicy should be associated. rich: should be entity w attributes w unique entity identifier, which represents the type of entity. Attrs used in multiple entity types should be defined for each entity type, i.e. defn of entity type picks from a list of attrs, those that are appropriate. Attributes don't pick entities that they want to belong to. hal: other issue is defaults and the undefined, empty, zero type of setting. john posted this email w relevant info just after mtg: https://lists.oasis-open.org/archives/xacml/201406/msg00025.html III. Issues Privacy Profile comments https://lists.oasis-open.org/archives/xacml/201406/msg00000.html https://lists.oasis-open.org/archives/xacml/201406/msg00005.html action from last mtg: Mohammad and tc to follow up on issues raised by Steven on unclear how profiles solves issues raised. hal: any advance on existing discussion? erik: uncertain what next step should be. mohammad: is there a simple example? erik: similar to common use cases: contract w different commissions, w multiple countries, parts of contract may correspond to privileges, also there may be policy combos that need to apply simultaneously; steven: policy expressions 5.3 in entities profile: policy expr erik referring to: should give mohammad idea of how the stuff works as an example mohammad: understand the general point; not sure if specific use case complex enough to require that. hal: does mohammad see use cases not covered mohammad: very broad title of privacy, but profile addr very specific subset of big picture; should not have normative example because varies between orgs. hal: need more discussion to see where going. awkward referring to unfinished profile (entities), combined w privacy profile static for last several years; let's leave it to the list and see where we can make progress mohammad: will try to get some tangible comment on the list. hal: other business? john: will update urn's - tc can look at them; proposed chgs, will decide whether and how to incorporate; dlp/nac john posted this email w relevant info just after mtg: https://lists.oasis-open.org/archives/xacml/201406/msg00025.html hal: next mtg: july 10; meeting adjourned 5:09pm edt
--
Thanks, Rich
Thanks, Rich
Rich Levinson | Internet Standards Security
Architect
Mobile: +1 978 5055017
Oracle Identity Management
45 Network Drive | Burlington, Massachusetts 01803
Oracle is committed to developing practices
and products that help protect the environment