Fw: [xacml] [model subcommittee] minutes Jan 20th

[ernesto damiani <edamiani@crema.unimi.it>]

Title: RE: [xacml] Agenda for Jan. 23-24/02 F2F Meeting...

 

See you at the F2F!

 

ernesto

 

 

Prof. Ernesto Damiani
Dipartimento di Tecnologie dell'Informazione
Università di Milano - Polo di Crema
Via Bramante 65 26013 Crema, Italia
tel 0373-898240
fax 0373-898253

 

XACML Model subcommittee
Minutes of Concall 1-20-2002

Participants:
Sekhar
Polar 
Anne
carlisle
Tim
Hal
Simon G.
Ernesto

Agenda: it is agreed to go through the current version of the issues document and to review issues that have no champion and/or resolutions.
Raw minutes will be immediately posted, so that the issues document can be updated, hopefully before the F2F.

PM 5-04. No champion. SIMON volunteers to champion it.
A brief discussion follows; Simon suggests that the current solution in general enough, as the URI+XPath combination specifies a schema (via the URI) and allows to retrieve a value (via the XPath). XPaths guarantee that values are uniquely identified. This technique smoothly applies not only to SAML but also to other formats like LDAP.
Hal observes that this is not always the case, as there may be attribute namespaces which are not URI.
Anne remarks that besides a pointer to the schema, a pointer to an instance is also needed. Simon agrees to provide a full explanation of this scenario at the F2F.

resolution:deferred

PM 5-05. No champion. SIMON volunteers to champion it.
A brief discussion follows; Simon clarifies that the position he will take is that while the use of Xpaths to extract nodeset is just fine, they do not make good rvalues in expression. The solution in the current schema is cleaner.
Anne offers to look into the issue to provide an alternative point of view.

resolution : deferred


PM 2-02 Ernesto suggests that this issue only mention retrieval of distributed policies and should be updated to reflect the recent discussion and Anne's proposal (circulated via e-mail on Jan 17) about policy combination. Anne volunteers to extend its wording in order to include policy combination as well.
simon will present counter deductions to Anne 's proposal at the F2F

resolution: deferred



Other issues dealing with generic suggestions and/or the glossary are reviewed:

MI-1-01

resolution: deferred

MI-4-01

The issue is a generic suggestion about XACML to be a possible application of a general setting for rule representation, RuleML.
Anne proposes that at the F2F every suggestion of taking into account related languages should be mandatorily accompanied by a presentation
After a vrief discussion on RuleML, the issue is voted closed. It should be deleted from the next version of the issues document


MI-4-02 
Polar will bring that one to the discussion, with special reference to policy combination.

resolution: deferred

PM 5-01
resolution: deferred

Tim, Sekhar and others mention the fact that some issues are not yet reported in the current version of the issues document. Namely:

1. Sekhar: how can  xacml be used for j2se?
sekhar volunteers to champion it. Being this issue still at a preliminary stage, resolutions are deferred to the F2F

2. Ernesto: XACML extensions. Michiharu submitted a document about this issue and volunteered to champion it. Resolutions are deferred to the F2F.

Other minor issues not yet reported in the current version of the issues document are listed below:

3. Tim : should policy names be strings or uri? the current schema uses strings, but uri (with annotations) seem to be more suitable to a distributed scenario.  
Tim will update the current schema accordingly, but the issue is to be kept open.

3. Tim: do we need numeric types to support arithmetics? 
Simon suggests that other operators, including range ones, may be needed.

4. Tim: How do we provide support for renaming ?

5. Tim: Typing of attribute values 

6. Tim: should we extend SAML assertions for XACML?

7. Anne: Should we include a "comment" element?