[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes for 24 February 2011 TC Meeting
Time: 13:00 EDT Tel: 513-241-0892 Access Code: 65998 Minutes for 24 February 2011 TC Meeting: I. Roll Call Erik Rissanen Doron Grinstein Gareth Richards Sridhar Muppidi Gregory Neven Bill Parducci Anthony Nadalin Rich Levinson Hal Lockhart Paul Tyson Non-Voting Abbie Barbir we have quorum Approve Minutes: 10 February 2011 TC Meeting http://lists.oasis-open.org/archives/xacml/201102/msg00020.html hal: approved no objection II. Administrivia F2F vote: ID in the cloud TC may meet same week as IdTrust, Apr 6,7 (w,th) john reserved us a room in crystal city (near dc) people have travel restrictions sridhar: if we had agenda w priorities, might impact people attendance hal: at least the current discussion issues, plus other topics hal: propose that people suggest list of topics to help create a full agenda. XACML versions and ITU + comments: http://lists.oasis-open.org/archives/xacml/201102/msg00022.html hal comment: http://lists.oasis-open.org/archives/xacml/201102/msg00026.html http://lists.oasis-open.org/archives/xacml/201102/msg00029.html abbie: http://lists.oasis-open.org/archives/xacml/201102/msg00027.html remon: http://lists.oasis-open.org/archives/xacml/201102/msg00028.html http://lists.oasis-open.org/archives/xacml/201102/msg00030.html bill: http://lists.oasis-open.org/archives/xacml/201102/msg00032.html abbie: has been in contact w jamie, things in process need official list of docs; xspa? hal: will take action to identify 4 categories of files: xspa core and legacy john's profiles (export, ip) errata will pass to ITU; will try to get links to abbie by Mon. hal will also talk to remon, who expressed interest no objections to hal's proposed action above Conformance tests and comments: bill: http://lists.oasis-open.org/archives/xacml/201102/msg00031.html http://lists.oasis-open.org/archives/xacml/201102/msg00035.html paul: http://lists.oasis-open.org/archives/xacml/201102/msg00033.html remon: http://lists.oasis-open.org/archives/xacml/201102/msg00034.html bill: suggest course to tag things; paul: looked at doc ref'd and in repos is labeled v2 test; were created, but not validated: several questions: do we want to carry forward to xacml 2.0, 3.0 or devote effort rich: should identify what's missing in current tests paul: if advertised as conformance test suite; hal: these are not compliance tests; currently they are a self-test mechanism primarily; in kavi folder; paul: msg 33 points to doc rich: probably 2-4 manweeks of effort to get things under control paul: is actually doing the details of converting to 3.0 etc. took what was in svn; some things were just run thru translator; hal: looking at do 1394 paul: looking at 14021 - link is in email paul: rich said keep framework; paul thinks there are deficiencies that need addressing rich: not opposed to any direction, just would like to understand what are current deficiencies and how they will be addressed paul: set out to do a policy evaluator to address the attribute assertions which led into this effort; hal: other thread here is errata, which will take on w remon; III. Issues BTG Profile (Break The Glass): Overall comments on BTG Proposal/Protocol Flows: original (David): http://lists.oasis-open.org/archives/xacml/201011/msg00017.html david: Protocol Flows: http://lists.oasis-open.org/archives/xacml/201102/msg00021.html erik: http://lists.oasis-open.org/archives/xacml/201102/msg00036.html paul: http://lists.oasis-open.org/archives/xacml/201102/msg00037.html mike: http://lists.oasis-open.org/archives/xacml/201102/msg00038.html erik: http://lists.oasis-open.org/archives/xacml/201102/msg00039.html mike: http://lists.oasis-open.org/archives/xacml/201102/msg00040.html bill: http://lists.oasis-open.org/archives/xacml/201102/msg00041.html rich: http://lists.oasis-open.org/archives/xacml/201102/msg00042.html rich: recommends just using "attributes" as the effective state hal: he and erik added couple emails for some kind of external mechanisms, such as rbac; should be architected as separate entity. paul: pdp state changes impact very broadly; if some action-id sets attr in request context; hal: will table for now david: Risk adaptive vs BTG http://lists.oasis-open.org/archives/xacml/201102/msg00023.html paul: http://lists.oasis-open.org/archives/xacml/201102/msg00024.html john: http://lists.oasis-open.org/archives/xacml/201102/msg00025.html Attribute Assertions in XACML request greg: just prior to last mtg: http://lists.oasis-open.org/archives/xacml/201102/msg00016.html tony: http://lists.oasis-open.org/archives/xacml/201102/msg00019.html prev msgs: original (Paul): http://lists.oasis-open.org/archives/xacml/201010/msg00012.html (Tony's example) http://lists.oasis-open.org/archives/xacml/201102/msg00013.html greg: not much activity last couple of weeks; thinks some predicates from tony went further tony: wants a predicate that can be fed into the pdp (called "claims") greg: this seems further and not compatible w what they are doing tony: not sure if there is total overlap; maybe up to point of handing off to pdp; might look at predicates up to the pdp greg: in tony's use case there is delegation going on; can explore feeding predicates in to the pdp; hal: even saml proposal wouldn't be limited to boolean; tony concurs; hal: even non-boolean falls into category of fact about the entity; you are 36 years old is not a boolean statement; the actual expression is not a boolean, even though the result coudl be expressed as boolean paul: request context is unnecessarily constrained to equality predicates greg: challenge is how things are expressed in pdp paul: prolog sets direction: says conditions on which predicate is true; hal: is there a useful subset, or should we look for more complete understanding greg: short term want to look at "simple" case, whereas above are "more elaborate" than the simple. PIP directive (additional information directives) original (David): http://lists.oasis-open.org/archives/xacml/201010/msg00005.html latest: http://lists.oasis-open.org/archives/xacml/201012/msg00022.html hal: no new info on this issue at present; hal: next meeting 10-March-2011
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]