[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Conclusions from the May 22 XACML focus group concall...
On the XACML focus group concall yesterday, we discussed the 1.1 work items listed below. Present on the call were Anne Anderson, Michiharu Kudo, and Carlisle Adams.
Omitting all the details of the discussion, the current status of the items is as follows:
A (Fully specify hierarchical resources): This still needs some discussion/clarification. One main issue is to define a mechanism to specify the type of hierarchical resource (e.g., an XML document, or a Unix File System), rather than assuming that the "resource content" attribute will always hold an XML document. The other main issue is how to deal with action propagation and implication.
B (Add an ID Attribute): This item can probably be dropped since signing the full policy doesn't seem to need it.
C (Deterministic algorithm for combining obligations): Michiharu suggests that this item can be dropped for 1.1.
D (Obligations in Rule Element): This proposal is fairly mature. Approval is needed from the TC.
E (Condition References): Michiharu suggests that this item can be dropped as long as item H is approved.
F (Properties for new Combining Algorithm): This still needs discussion/debate. Controversy remains over the usefulness and potential complexity of this proposal.
G (Environment in Target Element): This proposal is mature and ready for a TC vote.
H (References to Rules): This proposal is mature and ready for a TC vote.
We can discuss this list on the next TC concall (May 29).
From: Anne Anderson [mailto:Anne.Anderson@Sun.com]
Sent: Thursday, May 15, 2003 2:56 PM
To: XACML TC
Subject: [xacml] 1.1 Work Items: Index to Proposed Solutions
Here are the XACML 1.1 Work Items with links to the most recent
proposed solution(s). If I have overlooked something, please
send a corrected index to the list!
A. Fully specify hierarchical resources
a. Original proposal [Simon]
b. Second proposal [Anne]
B. Add an ID Attribute
Simon has since declared that, since we are no longer talking
about signing only portions of a policy, there is no need for
C. Deterministic algorithm for combining obligations
No solution proposed yet.
D. Obligations in Rule Element
E. Condition References
F. Properties for new Combining Algorithm
G. Environment in Target Element
H. References to Rules