[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes from XACML TC Meeting 2 August 2007
Minutes from XACML TC Meeting 2 August 2007 1 Roll Call & Minutes Attendees: Ron Williams David Staggs Anil Saldhana Erik Rissanen Bill Parducci Tony Nadalin Prateek Mishra Rich Levinson Harry Haury (not yet voting member) Anne Anderson Regrets: Hal Lockhart Seth Proctor Quorum was achieved. The minutes from the 19 July TC meeting were posted late, so will be up for approval at the 16 August TC meeting: http://lists.oasis-open.org/archives/xacml/200708/msg00004.html 2 Administrivia a. Workshop on SAML & XACML Given at GeoWeb 2007 in Vancouver (SAML TC list) Hal was not present to report on this. b. Test Status Update - Summary List [Approvals, Publication] (xacml-demo-tech list) The general consensus of the TC was that a summary report of the interop should be written for public consumption, and not publish the detailed vendor results. The summary should include a description of the scenarios tested, the general results, and lessons learned. ACTION: Bill will check with OASIS on what the TC can and should do. ACTION: Rich will draft a summary based on message from OASIS. c. SAML 2.0 Profile of XACML, Version 2, WD 5 uploaded http://lists.oasis-open.org/archives/xacml/200707/msg00021.html Anne described changes from WD4 - WD5. She will post a summary of the changes. She recommends use of this profile for any future XACML interoperability demonstrations: XACML 3.0-specific sections are clearly identified, and the rest is bug fixes, better explanations, and examples based on what we have learned from trying to use the existing standard version of the profile. A new editor is needed for this Working Draft. c. Web Services Profile of XACML (WS-XACML) Version 1.0, WD 9 uploaded http://lists.oasis-open.org/archives/xacml/200707/msg00015.html http://lists.oasis-open.org/archives/xacml/200707/msg00018.html Anne reported on the changes in this new draft, which are summarized in msg00018.html above. This draft closes all open issues. A new editor is needed for this Working Draft. d. access_control-xacml-2.0-core-spec-os-errata.doc uploaded http://lists.oasis-open.org/archives/xacml/200707/msg00024.html Erik posted an update to the XACML 2.0 Core errata document including all errata fixes that have also been incorporated into the XACML 3.0 Core specification draft. e. New XACML References and Products document V1.83 http://lists.oasis-open.org/archives/xacml/200707/msg00025.html Anne reported on the new version of the XACML References and Products document. This includes a large number of new papers and some new vendors and deployments. XACML continues to be a hot topic of academic study. A new editor is needed for this document. The previous version - V1.73 - is located at http://docs.oasis-open.org/xacml/references/xacmlRefsV1.73.html for those who want to do a diff. 4 Issues Review http://wiki.oasis-open.org/xacml/IssuesList #69: location of XACML 2.0 schema files http://lists.oasis-open.org/archives/xacml/200707/msg00019.html This was just a clarification of why the schema reference problem occurred, and why the "workaround" of including the XACML 2.0 schemas in two different locations was needed. The following issues pending review will be up for approval at the next meeting: 32. ADMIN:Exception handling Resolution in Delegation profile WD17 Champion: Bill 38. CORE:Replace uri-string-concatenate with to-string and from-string functions Resolution in XACML 3.0 WD3 Champion: Erik 40. CORE:Change ResourceContent Resolution in XACML 3.0 WD2,3 Champion: Daniel (Erik) 50. ADMIN:Maxdepth with attribute categories Resolution in XACML 3.0 WD2,3 and Delegation profile WD17 Champion: Erik 54. ADMIN:Number of policies required by administrative policy delegation Resolution in Delegation profile WD17 Champion: Erik 55. WS-XACML:Address policy references in a Requirements element containing a PolicySet Resolution: ReferencedPolicies element in WD9 released 18 July 2007 Champion: Anne 56. WS-XACML:Add optional "Preference" XML attribute to Apply element Resolution: ValuePreference attribute is in WD9 released 18 July 2007 Champion: Anne 57. WS-XACML:Restrictions on XPath expression to support matching Attribute references Resolution in WS-XACML profile WD1-3 (informal proof in WD4) Champion: Anne 58. WS-XACML:Handle P3P 1.0 POLICY/STATEMENT/NON-IDENTIFIABLE in an XACMLPrivacyAssertion Resolution: NON-IDENTIFIABLE does not overlap with the PURPOSE and RECIPIENT clauses. WD9 is consistent with this understanding. Champion: Anne 59. WS-XACML:Allow restricted regular expression functions in XACMLAssertion Resolution: Regular expressions and syntax reference are in WD9 released 18 July 2007 Champion: Anne 64. ADMIN:Treatment of administrative deny Resolution in Delegation profile WD17 Champion: Erik 68. CORE:Backwards compatiblity of generalized Target Resolution in XACML 3.0 WD2,3 Champion: Erik 69. ERRATA:Incorrect URL in access_control-xacml-2.0-context-schema-os.xsd schema file Resolution in XACML 2.0 errata updated 5 July 2007 Champion: Erik 74. SAML:Add SAML metadata description Resolution: WD4 has a preliminary version of SAML metadata 77. CORE:Datatype of Resource id attribute in Response Resolution in XACML 3.0 WD3 Champion: Erik 78. ERRATA:Namespace treatment in xpaths Resolution in XACML 3.0 WD3 Champions: Daniel, Erik 79. ERRATA:Incorrect use of multiple subjects Resolution in XACML 2.0 errata updated 5 July 2007 Champion: Anne 80. ERRATA:"Policies based on resource contents" Resolution in XACML 2.0 errata updated 5 July 2007 Champion: Erik 81. CORE: Data type and function definitions by references to XPath 2.0 Resolution in XACML 3.0 WD3 Champions: Anne, Erik 84. WS-XACML: limit-scope functions will not work as described Resolution: Both functions removed in WD9 released 18 July 2007 5 IHE healthcare XACML interop interest David Staggs reported that Integrating Healthcare Environments (IHE) is interested in a healthcare interop using XACML. IHE runs these under the auspices of the Healthcare Information and Management Systems Society (HIMSS). IHE takes Health Level 7 (HL7 - an international healthcare standards organization) scenarios, implements them, creates a profile, and demonstrates interoperability. IHE is interested in an XACML interop similar to the Burton interop, but also including healthcare-related privacy cases. IHE needs a proposal from the XACML TC by October. The interop profiles are frequently published by the Health Information Technology Standards Panel (HITSP), a panel developed by the U.S. Dept of Health and Human Services as U.S. govt. standards. IHE requires at least two vendors to participate. Bill reported that OASIS is interested in promoting these events. He will start the conversation with OASIS administration. ACTION: Bill - notify OASIS of IHE's interest. The meeting adjourned at 10:30am Eastern Time. -- Anne H. Anderson, Sun Microsystems Laboratories 1 Network Drive,UBUR02-311, Burlington, MA 01803-0902 USA Tel: 781/442-0928 Fax: 781/442-0399 Email: Anne.Anderson@Sun.COM until 2 August 2007 Email: Anne.Anderson@alum.swarthmore.edu after 2 August 2007
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]