[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [xacml] Proposed Agenda for 5 May 2011 TC Meeting
Ok, then let me put my last (for now) concern in this area on the table. Maybe this is just a lack of understanding on my part, because I was not involved in the discussion that led to extended indeterminate values in the spec. What is the intended use of extended indeterminate values? As a relying party, why would I distinguish between an "Indeterminate{D}" and a "Deny" decision, knowing that regardless of the missing attribute values I might supply after receiving Ind{D}, I would only get a Deny decision? Same for Ind{P} and Permit. I must be missing something. The spec is clear about what conditions should produce these return values, but silent on the motivational use cases. The reason I ask is to make sure that whatever additional behavior we specify around these values meets the original functional requirements. Regards, --Paul > -----Original Message----- > From: Hal Lockhart [mailto:hal.lockhart@oracle.com] > Sent: Thursday, May 05, 2011 10:25 > To: Tyson, Paul H; Rich Levinson; xacml > Subject: RE: [xacml] Proposed Agenda for 5 May 2011 TC Meeting > > I agree. I was planning (in my usual, arbitrary authoritarian way) to > first drive the extended indeterminate issue to a conclusion. We did > not discuss it last week because Erik was not on the call. > > I would also like to resolve Jan's issue about Policy Sets in the RBAC > profile, assuming this was a previously agreed change that did not get > made. It this turns out not to be the case we can defer it for later > discussion. > > Any time left can be used for other issues such as BTG. > > Hal > > > -----Original Message----- > > From: Tyson, Paul H [mailto:PTyson@bellhelicopter.textron.com] > > Sent: Thursday, May 05, 2011 10:43 AM > > To: rich levinson; xacml > > Subject: RE: [xacml] Proposed Agenda for 5 May 2011 TC Meeting > > > > > > I thought the main purpose of weekly meetings was to get the > > 3.0 specs back to cs status as soon as possible. If so we > > should put "XACML working drafts" first on the agenda. > > > > I think the only area of discussion is the substantive > > changes in section 7 of the core spec. Erik made these to > > clarify return values from policies in the event of > > indeterminate targets. I believe this uncovers some > > underlying issues that cannot be resolved quickly. I would > > prefer to remove the section 7 changes from wd-19 and leave > > the ambiguity in the spec until we can work through the > > issues. As Bill pointed out, underspecification is not an error. > > > > Regards, > > --Paul > > > > > -----Original Message----- > > > From: rich levinson [mailto:rich.levinson@oracle.com] > > > Sent: Thursday, May 05, 2011 00:25 > > > To: xacml > > > Subject: [xacml] Proposed Agenda for 5 May 2011 TC Meeting > > > > > > Time: 13:00 EDT > > > Tel: 513-241-0892 Access Code: 65998 > > > > > > Proposed Agenda for 5 May 2011 TC Meeting: > > > > > > I. Roll Call& Approve Minutes: > > > Roll call: > > > > > > Approve Minutes: 28 April 2011 TC Meeting Minutes (updated): > > > http://lists.oasis-open.org/archives/xacml/201104/msg00076.html > > > > > > > > > II. Administrivia > > > > > > Ongoing: "ITU-T Files of Interest": > > > Abbie will provide status as available > > > hal: > > http://lists.oasis-open.org/archives/xacml/201105/msg00000.html > > > > > > Ongoing: F2F Planning Update > > > status: F2F will be held in June 28th, 29, 30th in Lexington, MA > > > at the Boeing facility > > > John Tolbert to publish logistics information > > > hal: > > http://lists.oasis-open.org/archives/xacml/201105/msg00001.html > > > > > > Ongoing: OASIS XACML Webinar: OASIS asks is there interest > > to develop? > > > XACML Webinar set for 8 June, 2011 at 11:00ET US > > > Hal, Erik and Doron will be presenting. Development in progress. > > > > > > Ongoing: "OASIS IDtrust Member Section to host IIW - 3-5 May 2011": > > > dee: > > http://lists.oasis-open.org/archives/xacml/201103/msg00057.html > > > is there any news from this conf? > > > > > > > > > III. Issues > > > > > > new:<PolicySet> elements under PPS elements in RBAC profile" > > > jan: > > http://lists.oasis-open.org/archives/xacml/201104/msg00066.html > > > rich: > > http://lists.oasis-open.org/archives/xacml/201104/msg00083.html > > > rich: should this be resolved w action item to update 1st > > ref in doc? > > > > > > new (carryover): "Profile examples" > > > rich: links to hier examples: > > > anne's 2004 doc: http://lists.oasis- > > > open.org/archives/xacml/200406/msg00033.html > > > actual doc: http://lists.oasis- > > > open.org/archives/xacml/200406/pdf00003.pdf > > > rich: forest and dag non-xml resource examples: > > > http://lists.oasis-open.org/archives/xacml/200902/msg00058.html > > > rich: background on xml resource URI example: (many > > emails followed > > > this > > > to point where we came to agreement on current spec): > > > http://lists.oasis-open.org/archives/xacml/200910/msg00024.html > > > doron: to start a discussion thread on list and provide > > examples that > > > his > > > company is using to represent their hier operations > > > > > > Update: BTG Profile (Break The Glass): > > > latest: (david summary + follow on comments) > > > david: http://lists.oasis- > > > open.org/archives/xacml/201104/msg00074.html > > > remon: http://lists.oasis- > > > open.org/archives/xacml/201104/msg00078.html > > > david: http://lists.oasis- > > > open.org/archives/xacml/201104/msg00081.html > > > remon: http://lists.oasis- > > > open.org/archives/xacml/201104/msg00082.html > > > > > > Update: "Attribute predicate profile for SAML and XACML": > > > remon(zbac): http://lists.oasis- > > > open.org/archives/xacml/201104/msg00080.html > > > Greg, is in the process of splitting document into a SAML Profile > > > and XACML profile. He is a bit unclear as to what is needed in > > > XACML > > > profile based upon Paul's comments on the list. Hal > > offered that a > > > Profile may created or an artifact on non-normative > > document track. > > > Greg noted that he is awaiting feedback from the SAML > > group on the > > > proposal made to that group. > > > > > > update: "XACML working drafts" > > > "WD-19 of core and WD-14 of SAML profile" these specs are being > > > reviewed. > > > list of issues addressed is in 1st link, docs are in 2nd link: > > > list-fixes: http://lists.oasis- > > > open.org/archives/xacml/201104/msg00018.html > > > doc-links: http://lists.oasis- > > > open.org/archives/xacml/201104/msg00017.html > > > > > > > > > Following are carried over: not ref'd in last minutes: > > > > > > Update: "The Indeterminate flavors question" (aka: Extended > > > Indeterminate) > > > remon: http://lists.oasis- > > > open.org/archives/xacml/201104/msg00079.html > > > erik: > http://lists.oasis-open.org/archives/xacml/201104/msg00045.html > > paul: http://lists.oasis- > open.org/archives/xacml/201104/msg00046.html > > rich: http://lists.oasis- > open.org/archives/xacml/201104/msg00053.html > > > > Carried: PIP directive (additional information directives) > > original (David): http://lists.oasis- > > open.org/archives/xacml/201010/msg00005.html > > Hal: noted that this topic has been quiet and offered that he is > > working on an approach to possibly combining some of the ideas > > that have been considered. > > > > Carried: "usage of status:missing-attribute in case of an > > AttributeSelector > > - control of the pip through xacml rules" > > jan: http://lists.oasis- > open.org/archives/xacml/201103/msg00059.html > > comments: > > paul: http://lists.oasis- > open.org/archives/xacml/201103/msg00060.html > > erik: http://lists.oasis- > open.org/archives/xacml/201104/msg00002.html > > jan: http://lists.oasis- > open.org/archives/xacml/201104/msg00003.html > > > > Carried: ""Web Friendly" Policy Ids": > > hal: http://lists.oasis- > open.org/archives/xacml/201103/msg00044.html > > comments: > > paul: http://lists.oasis- > open.org/archives/xacml/201103/msg00046.html > > > > Carried: Specifying a specific associated Resource in a Policy > (Sticky > > Policies): > > hal: http://lists.oasis- > open.org/archives/xacml/201103/msg00012.html > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe from this mail list, you must leave the OASIS TC that > > generates this mail. Follow this link to all your TCs in OASIS at: > > https://www.oasis- > open.org/apps/org/workgroup/portal/my_workgroups.php
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]