[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [xacml] Proposed Agenda for 20 July 2017 TC Meeting
A quick look at the mailing list suggests that if these exist, they are more than 5 years old.
The OASIS Process rules have changed in recent years. It is now required that the TC formally accept all SoU’s as valid. On the other hand, we can now accept SoU’s from non-OASIS Members, as long as there is at least one Organizational Member making a statement. We can accept old SoU’s as long as they refer explicitly to the current version of the CS.
In addition the organizations you mention I believe ViewDS has made several SoU’s and perhaps could make others.
I think it would make sense to locate existing SoU’s and identify organizations who could potentially issue SoU’s. Where we find there are potentially 3 or more available, we should push everyone to make properly formed SoU’s and submit the docs for OASIS Standard. I am willing to do the paperwork, but we need everyone’s help to identify implementers and lobby them to participate.
To answer your question, yes we should reach out to any organization for this purpose, as they are probably unaware of what is needed and in the case of non-OASIS members not even aware that they can submit such a statement.
Re. the JSON profile of XACML, I was talking to an IAM colleague about its status. I do not believe it is a standard yet because it needs 3 attestations.
So far, Axiomatics has attested to the implementation. I believe EMC has too. There are another 2 implementations available (AuthZForce and WSO2). Do we need to reach out to them to get them to attest?