OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Minutes 27 September TC Meeting

Minutes of XACML TC Meeting 27 September 2007

1  Roll Call
      Hal Lockhart (Co-chair)
      Bill Parducci (Co-chair, minutes)
      Erik Rissanen
      Morry Katz (Observer)
      Jason Woloz
      John Moehrke
      Rich Levinson
      Prateek Mishra
      Anil Saldhana
      Anil Tabbepla (Observer)
      Seth Proctor
      David Staggs

     Quorum achieved (72% per Kavi)

2  Administrivia
    Approval of Minutes
     Vote on approval of 13 September TC meeting minutes

     Prateek volunteered to take over the Secretary position. This was
     approved with unanimous consent.

     Hal briefly reviewed the NIST Guide to Secure Web Services and
     noted that he had come across a few apparent errors. He recommends
     that the TC review the document and submit comments to the authors
     (who have indicated that that are interested in feedback)

     Prateek discussed the research that his group has done based upon
     findings from the interOp and recent implementations of XACML 2.0
     showing that there needs to be better clarity around PEP <-> PDP
     communications for implementers. They found that JSR115 doesn't
     fully meet the needs discovered.

     Hal offered to talk Tony to follow up on the comment by Anil
     Saldhana that suggested that we define a language agnostic API,
     similar for instance as the XML DOM API and that he had heard IBM
     may be working on something in this area..

3 Issues
   Admin Spec Clarification
    Rich and Erik discussed the feedback Rich provided to the list re:
    Administration Specification. There was general consensus that this
    document should be renamed the Administration and Delegation  

    Rich has not yet read Erik's responses.

   Policy Issuer Identifier
    Erik reviewed his post clarifying the Policy Issuer identifier.
    After a discussion it was decided that the explicit trusted policy
    issuer identifier be dropped.

   Policy Provisioning
   Hal also mentioned and briefly explained his post about a policy
   provisioning protocol. He will make a profile working draft of it.

meeting adjourned.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]