[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes of August 18 2005 XACML TC Meeting
Hal Lockhart Tim Moses Bill Parducci (minutes) Erik Rissanen David Staggs Ron Williams Anne Anderson Argyn Kuketayev Polar Humenn Michiharu Kudo Tony Nadalin Quorum reached (90% per Kavi) Agenda: I. Minutes from August 4 meeting (as updated on list) voted upon: Approved unanimously No objections Oasis Procedural note: Voting privileges are based on 2 contiguous meetings rule; miss 2 meetings in a row and lose voting privileges; attend 2 meetings in a row, regain voting privileges after second meeting. II. F2F The chairs will post a poll with the last 2 weeks of September and the first week of October, East Coast/West Coast BEA facilities. III. Conformance Tests Argyn reviewed his work on moving the v1.x Conformance Tests to v2.0. They are in a draft state, have been validated against the v2.0 schema but have not been run against an actual implementation. Additional tests (e.g. functions with parameters) need to be added. IV. New Delegation Draft (0.8) Erik reviewed the changes to the latest word. No major structural changes, most modifications pertain to readability and consistency. V. Issues Issues are now tracked in the Oasis wiki: http://wiki.oasis-open.org/xacml/IssuesList Hal suggested a formatting modification to clarify the status of issues. discrete values: OPEN, PENDING, PENDING REVIEW, CLOSED and DEFERRED. Issue 24 - the current draft does not allow this, Hal offered that this be added to the next draft. Anne objected to this based on policy retrieval optimization. Hal offered that policy retrieval is based upon either request type and is evaluated in that context separately. Hal will modify the wiki entry to more fully describe. Issue 25 - since processing depth may be masked it is currently not possible to know the level of recursion without a way to pass recursion information through the processing chain (request context). Issue 26 - addressing impacts of Deny policies rights on administrative policies. Hal offered that there isn't value in differentiating between the ability to permit access or deny. Polar offered that evaluation may be clarified by introducing Trusted/Untrusted results (with possibility of differentiation between ability to issue negative/positive policies) Issue 27 - PDP policy set Issuer Issue 28 - Delegate-id Currently not considered a significant issue. Issue 29 - Situation Should Situation be defined as proposed on wiki? VI. Misc. Bill will contact Tim to review Generalized Decisions with respect to Obligations. The TC will continue to use Kavi as the mechanism for tracking action items, but members are encouraged to use the wiki for maintaining issues and as a place for introducing ideas/concepts. meeting adjourned.