OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Minutes 16 April 2009 TC Meeting - Updated

Date: Thu, 16-Apr-09
Time: 10:00 am EDT
Tel: 512-225-3050 Access Code: 65998

Minutes for 16 April 2009 TC Meeting
(updated w some corrections and clarifications from
 David on the notes I took in the section on "Public
 comments submitted for XSPA profile" below)

Proposed Agenda:

10:00 - 10:05 Roll Call & Approve Minutes

Erik Rissanen    Axiomatics AB       Group Member
Bill Parducci*   Individual          Group Member
Rich Levinson    Oracle Corporation  Group Member
Hal Lockhart     Oracle Corporation  Group Member
Anil Saldhana    Red Hat             Group Member
Seth Proctor     Sun Microsystems    Group Member
John Tolbert     The Boeing Company* Group Member
David Staggs     Veterans Health Administration  Group Member
 Have quorum at start: 7/10

- Minutes to approve: 9 April 2009 TC Meeting

 Approved, no objection

10:05 - 10:10 Administrivia

- XACML v3.0 Specification Status

   The following specifications are targeted for Committee Draft status
   at the next meeting as well as to be marked for Public Review. This
   meeting will be held in one week (April 16) at the same time and

   * Core Specfication
   * Hierarchical Resource Profile
   * SAML Profile
   * Administration and Delegation Profile
   * Digital Signature Profile
   * Multiple Resource Profile
   * Privacy Policy Profile
   * Core and hierarchical role based access control (RBAC) Profile

 Have final core and 7 profile specifications

 Motion to move docs to CD:
 Bill moves
 Erik seconds

 Any objections to CD: none
 Vote carries

 Motion to public review:
 Erik moves
 John seconds

 Any objections to public review: none
 Vote carries

 Need doc, html, pdf
 (if editable form not html, then need all 3 (incl editable)

 Need list of individual links to docs:

 Don't know until in repos what the link is.
-> Hal: will get clarification from Mary

   Hal: Norm Walsh confirmed our use of xml:id

   Hal: we will send docs to Mary for formal formatting check.

   Hal: public review will auto-go to security in OASIS,
    plus IETF, W3C, WS/I, ITUT, maybe NIST, OGC (geo-spatial),
    maybe HL7 (healthcare), Concordia, TSCP (John will provide email).

   Hal: new profile draft on export control

10:10 - 11:00 Issues

- XACML Export Control -US profile draft

 John: worked on w Paul Tyson, Bell Helicopter, export controls,
   need to define std attrs for international: nationality,
   control numbers from DOC, USML (munitions list, ITAR)

   std attrs for making export control decisions.

- Public comments submitted for the XSPA profile of XACML

   Finished public review
   Comments received above link

   David: RSA was important to getting public input

    Review xspa issues:
     1 Are gateways included? ACS is gateway.
     2 Diagnostic integers model: info holder does not relinquish
       control of any info - issue w pre-fetch - diagnostic images
       are too large

  Hal: responsibility to respond to people who made request,
    but possibly clarify doc to help people understand if the
    comment indicated party did not understand doc.

     3 Request context: how requests are mapped:
     Hal: this one borrowed mechanism from SAML, may not need
      to adjust doc but direct to underlying spec.
     4 Demo'd at HIMSS; do SAML, XACML, then they jump into how
       to do policies - here is how to identify patients; attr
       is provided, but up to individuals to identify mechanism
     5 Issue w text extracted from saml/xacml profile: basically
       said we don't return req in rsp.
     Hal: optional to return; David will incl note
     6 RSA 2008: defining attrs used for Dr Bob, created dissenting-
       subject-id - name of person being blocked. Would better
       describe dissenting-subject-id
     Erik: says he did original suggestion for dissenting
     David: masking plus additional info; can be better explained
     Hal: be careful; if user-id is different format, then may
      miss that person is supposed to be blocked.
     David: issue of NPI: should be number assoc w everyone
      (NPI: National Provider Identifier: a unique 10-digit identifier
       issued by HHS/CMS as mandated by the HIPAA legislation.)
     6 Default normal confidentiality code: normal is default; could
       add text to make clearer.
     7 Mary working late - file name overwrites saml - will fix
     8 Links: incl Hal's response; if doc external provide link
     David: will check.
     9 John M: comments in saml will affect xacml: Duane agreed, need to
      do some harmonization: Duane will provide email w details.
    10 John M: made broad stmt; David: this is interop profile w defined
      attrs; expect those attrs give scope required for this work.

 Hal: how did HIMSS conf interop go:
  David: we were in future directions portion: demo'd infrastructure of
   a hospital. NHIN (National Health Information Network) will be
   infrastructure for attrs shipping around and have opt-out model;
   they were very interested in xacml manner of doing this;
   they want the more detailed decision model; Will be taking code
   from HIMSS, make publ avail; will have tool to hook into nationwide
   health info exchange network. NHIN used between health info xchg's;
  David: One clever suggestion that surfaced was to package the SAML/XACML
   functionality into a 'set top box' to simplify the complexities that
   might keep small medical practices from using the XSPA profile to plug
   into the NHIN.
  Hal: will mention at RSA next week: David will send slide w relevant info.
  Hal: this will be part of new things happening w saml.

- Meeting schedule:

   Hal: we've had an intense period, go back to every other week.
    skip Apr 23 meeting
    next meeting: May 7, then 2 week schedule

 Meeting adjourned: 10:53 AM EDT

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]