Subject: Minutes 10 February TC Meeting
I. Roll Call

Voting Members
  Hal Lockhart (Chair)
  Bill Parducci (Co-Chair, minutes)
  Erik Rissanen
  Paul Tyson
  Doron Grinstein
  Gareth Richards
  Remon Sinnema
  Rich Levinson
  John Tolbert
  David Staggs

Members
  Abbie Barbir
  Mike Davis
  Anthony Nadalin
  Gregory Neven*
  David Chadwick*
  Franz-Stefan Preiss*

  *Voting Member as of next meeting

Quorum met: (100% per Kavi)

I. Roll Call & Approve Minutes:

27 January 2011 TC Meeting (Updated): APPROVED unanimously

II. Administrivia

NIST IDTrust Symposium Call for Poster Announced
  http://lists.oasis-open.org/archives/xacml/201102/msg00002.html

XACML v3 WSDL
  The TC is looking for a volunteer to work on a WSDL for V2, V3.

F2F
  Doron volunteered BitKoo to host location (Los Angeles). Rich suggested hosting on East Coast since last F2F was in San Francisco. Erik suggested something that coincides with Catalyst in San Diego (July). Coordinating with timing of the ID-Trust meeting (Washington DC) in April was suggested as well as Toronto.

III. Issues

BTG Profile (Break The Glass):
  David Chadwick reviewed the document posted to the list.

  Paul voiced concern over attempting to standardize this scenario based upon the PDP's knowing of how BTG is applicable.

  Rich requested a diagrammatic representation be presented to the list that works through the BTG process. David offered to post one from his paper, noting that the attribute would not be visible.

  Erik noted that the Profile should more clearly specify that the Policy determines who is allowed to Break the Glass.

  Mike Davis offered that Break the Glass has special significance to the health industry and that this proposal is addressing an issue that is larger than this. John Tolbert concurred, suggesting that this may be more appropriately referred to as Risk Adaptive Access Control.

Attribute Assertions in XACML request
  Gregory reviewed the current status of the discussion.

  Paul offered that the two use cases being discussed are the same problem. Gregory responded that the Attribute matching is unique. Paul argued that this would still require something to manage the Attributes.

  Gregory said the full predicate would be passed to the IDP and it would return the predicate as "certified". Paul offered that "passing a chunk of a Policy" to the IDP breaks the "single decision point".

  Hal asked how this is different from the SAML query of, "give me the guy's age if he is over 25". Hal suggested that we explore the "explicit" flavor of this issue to wring out the core problems/structure.

  Further discussion will continue on the list.

Meeting adjourned.