OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Minutes for 26 May TC Meeting

I. Roll Call
  Voting Members
   Hal Lockhart (Chair)
   Bill Parducci (Co-Chair, minutes)
   Paul Tyson
   Doron Grinstein
   Remon Sinnema
   Anthony Nadalin
   Rich Levinson
   Hal Lockhart
   John Tolbert

   David Chadwick

  Quorum NOT met: (47% per Kavi)

I. Roll Call & Approve Minutes:
   NO vote on minutes for 19 May 2011 TC Meeting

II. Administrivia
   Hal noted that he will request at that next call we move back to 
   biweekly calls.

  XACML 3.0 core wd 20 uploaded
   The TC is encouraged to review.

   Hal will create a poll to gather the final attendance count for the 

III. Issues Discussed
  PDP REST Interface (PAP)
   Hal noted that the current thinking on the list attribute
   information would be in JSON and transported using a POST over HTTP
   with the response. He offered that he personally would like to see
   this done in such a way that doesn't cap the functionality. 

   David Chadwick concurs with this and noted that his current
   prototype doesn't cover Multiple Resources, but that this isn't part
   of the Core spec. 

   Paul pointed out that the W3C is working to develop standardized
   mechanisms for expressing RDF graphs and that XACML fits within the
   scope of this work. Therefore the TC should consider building upon
   that work. Alternatively, he offered that a "bridge" between XACML
   and the W3C work may be developed.

   Hal countered that direct association with the concept of "Semantic
   Web" work may defeat the underlying driver for this project 
   (enhanced approachability of XACML).

   Paul noted that he is not against any efforts to make XACML more
   approachable in HTTP based environments.

  XACML Implementers Guide
   Rich reviewed his position on the ramifications of how the current 
   direction on extended Indeterminate response and what it may mean to
   new adopters. This lead to the revival of the Adopters Guide. Rich
   asked that the TC consider adding/updating content to the guide as
   for changes to the spec/Profiles that have been added since the 

IV. New Issue
  Permit|Deny Bias PDPs & Extended Indeterminate
   Rich introduced and issue that was derived from comments by
   Indeterminate (D|P) results need to be percolated up to the response
   when generated by PDP bias.

   Paul asked for clarification where Ind(D|P) would be applicable in a
   real world example. He noted that and Ind(D) could not be converted 
   into a Permit. Rich offered that additional Attributes could result 
   in a N/A. Paul replied that this still doesn't result in a practical
   Use Case. Rich suggested that the TC dig into Chapter 2 of the
   Implementor's Guide to begin the clarification process.

  Obligations/Advice combining ambiguities.
   Rich asked for input on the current understanding on how Obligations
   /Advices are combined in a deterministic manner. Hal reviewed the 
   historical context of the desire for unordered evaluation. Rich
   will post a proposed solution to the list that is based upon the
   concept of a "default" behavior, that is followed by a list of an
   enumerated list of Obligations/Advices that are attempted.

V. Carryover Issues
  Indeterminate Policy Target handling

  PDP REST Interface - proposal 
   ("Towards the creation of XACML PEPs")

  Attribute predicate profile for SAML and XACML

  XACML Metadata

  Attribute predicate Profile for SAML and XACML

  Break The Glass Profile

  Profile Examples (Hierarchy) 

  PIP directive (additional information directives)

  Usage of status:missing-attribute in case of an AttributeSelector

  "Web Friendly" Policy Ids

  Specifying a specific associated Resource in a Policy (Sticky Policies)

meeting adjourned.

Next meeting June 2, 2010.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]