OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [xacml] minutes of the XACML TC meeting of May 29, 2003

I have a question on the decision about dropping item G in the last call. I
think that we should spend more time to discuss about this item because
there had been no sufficient discussions on the list. (I noticed that there
is a positive comment from Anne) Since the use case I wrote has an
indexable parameter (purpose) which is independent of subject, resource,
and action, it is reasonable to allow this extension if it keeps backward


                      "Steve Crocker"                                  
                      <steve.crocker@pss-s        To:       <xacml@lists.oasis-open.org>
                      ystems.com>                 cc:                  
                                                  Subject:  [xacml] minutes of the XACML TC meeting of May 29, 2003
                      2003/05/30 01:45                                 

Minutes for the XACML TC meeting of May 29, 2003

Members Present:


Simon Godik,

Anne Anderson,

Anthony Nadalin,

Steve Crocker -- scribe,

Bill Parducci,

Hal Lockhart,

Steve Anderson,

Frank Siebenlist.

Carlisletook role and quorum was reached.

A motion to approve the TC meetings' minutes from 5/1/03and 5/15/03

was moved and approved.

Anne made a motion to approve RBAC as an official work item, which was

seconded, and no objections were made.  Anne will put the RBAC

proposal in an official OASIS format.

The June 9 meeting will be focused on discussing the RBAC profile with

three people from NIST.  All are invited.  The subcommittee meeting

minutes will go to the general mailing list.  Please put XACML and

RBAC in the subject header to allow automatic mail filtering.  The

June 9 meeting will give a better indidation of how much work and how

many meetings the RBAC work will require.  Chances of being able to

use the teleconference line for RBAC work is high.

Carlislestepped through the items on today's adjenda:

Item:  1.1 work items:

Progress on 1.1 errata list is minimal.  Simon had trouble with

getting the XACML spec, errata list document from web site.  Aim is to

get it to a complete and correct reflection of the state of the spec.

Anne has one new item to add to the list.  At the end of the meeting,

it was agreed to target the errata list in next week's working group


Items A-H from the focus group meeting's items

   A: fully specified hierarchical resources-- needs more issues resolved

   B: adding ID attribute--can probably be dropped, no champion willing

      to save it.

      A motion was made to drop item B from 1.1, and seconded.  no

      Item B is dropped.

   C: deterministic algorithm for combining obligations--

        AA: Seth Proctor wants to submit proposal, not for

            obligation, but for a deterministic algorithm (eval

            order) for evaluation.  e.g.: algorithm is not free to

            skip unavailable policies.  This would be a new XACML

            standardized combining algorithm.

        Hal: feels opposite, use cases are rare where order of

            evaluation matters.  Those cases where order of eval

            effects obligations presented are rare.

        Some discussion on non-deterministic algorithms allow

        evaluation optimization.

        CA:  may not be manditory to implement, but it would be


        AA: will make proposal for inclusion in 1.1

        Motion was made to drop item C (combining obligations):

        moved, seconded, no objections.  Item C is dropped.

    D:  Obligations in rule elements:

        Allows the option to attach obligations to rules rather

        than just policies.

        AA: wants to delay to see details of what will go into

            the spec before approval.

    E: Condition References

              AA: Michiharu is ok with dropping this if references

              to rules are included.  They can give the same effect.

              (see item H)

    H:  References to Rules: proposal is mature are ready for vote:

        SG: how is equal to condition reference

        AA: If Michihara's proposal is for condition

            references only from the top level condition element

            in a rule, A rule reference could accomplish the same

            effect by wrapping the condition in a rule whose

            target is 'any' and refering to that rule.

        Confusion reigns, we'll have to get Michinvolved for

            clarification, and to look at it again.  Reference is

            allowed to top level condition elements.

    F:  properties for new combining algorithms:

        AA: thinks this is too open ended, need a use case

            Michiharu had a use case for a privacy policy.

        CA: need to see Michiharu's response to AA, so it stays

        on the list for next call.   Michihara on the call would

        be very helpful

    G:  Put environment in target element

          Michiharu is the source

          AA: resonable

          HL: generally opposed but if it's optional, doesn't affect

              those who don't need it,

          AA: use case: applicability based on time of day, policies that

              apply only during certain hours.

          HL: time (being continuous) is not a great candidate for discrete


          HL, CA: generally don't like it if it can be misused or


          CA: will this be backward compatible to 1.0

          SG: wants list of attributes as indexing hints rather than

              extending the target.

          HL: suggests dropping for 1.1, maybe consider for 2.0, no


          Motion to drop this proposal from consideration for 1.1

              was moved, 2nd no objections.  Item G dropped.

Motion to adjorn, seconded, no objections.

Upcoming events:

        Next week's focus group will discuss references to rules and

        the errata list.

        RBAC with NIST folks on June 9.

        Next full group meeting, June 11.

A request was made for a sanity check for the proposed 1.1 time frame.

You may leave a Technical Committee at any time by visiting

#### minutes_5_29_03.txt has been removed from this note on June 05 2003 by
Michiharu Kudoh

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]