[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes TC Meeting 13 September 2007
Minutes of XACML TC Meeting 13 September 2007 1 Roll Call Attendees Hal Lockhart (Co-chair) Bill Parducci (Co-chair, minutes) Erik Rissanen Vernon Murdoch Anthony Nadalin Ron Williams Rich Levinson Prateek Mishra Anil Saldhana Seth Proctor Vernon Murdoch John Moehrke (Observer, GE) Anil Tabbepla (Observer, Securent) Quorum achieved (81% per Kavi) 2 Administrivia Approval of Minutes Vote on approval of 30 August TC meeting minutes APPROVED: UNANIMOUS CONSENT V3 Timing & Scope Prateek discussed his concerns about the timeline for v3 given the recent interOp success and the velocity of changes could cause concern by vendors and adopters. Ron offered that since the number of deployments is still in the early phases and that introducing v3 earlier would affect fewer implementations. Tony suggested that IBM is interested in seeing the TC move forward with key features and that moving forward when ready will be beneficial. Hal noted that by the time v3 gets out v2 will have been out for about 3 years and some of the v3 features--delegation being notable-- have been in demand for some time. Also, he noted that Delegation is an optional Profile, that v2 compatibility is being striven for and that the move to v3 may not be necessary for those that do not require Delegation. Rich voiced concern that the changes in v3 span a number of areas across the specification, some of which is structural clean up. He asked why the changes to the protocol are necessary to facilitate the new feature set. Bill suggested that there has been considerable demand for Delegation in particular and that while the TC should be mindful of the Commercial implications of change, that it is important that the TC focus on developing and publishing requested features in a timely manner. Erik offered that Attribute Categories is a new concept and is therefore, simply a feature addition. He also noted that Delegation was developed initially on top of the v2 schema and the complexity drove the move to make the changes in the current v3 Draft. 3 Issues v2/v3 Compatibility Erik discussed his research into v2/v3 compatibility. The results are that it is logically more feasible to internally downgrade a v3 request to v2 rather in an v3 PDP that has mixed Policies than attempt to upgrade a v2 Policy to v3 (in batch or real time). He noted that there is a border case with XPath and that if necessary a manual configuration to the PDP's interpretation of the request can work through this. Trusted Issuer The TC discussed the implications of implicit/explicit Trusted Issuer in v3. After attempting to frame the issue into discrete choices Erik offered to post the options for dealing with this to the list. Obligations Rich asked if Working Draft 1 contained all current work and if it replaced Obligations in the current schema. Erik confirmed that it did and that the proposed solution is compatible with v2 Obligations. meeting adjourned.