OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Draft Minutes from 15 December 2011 TC Meeting

Minutes for 15 December 2011 XACML TC Meeting


> I  Roll Call&  Minutes
> 
Attendance

Voting Members

Crystal Hayes		The Boeing Company
Richard Hill		The Boeing Company
Rich Levinson		Oracle
Hal Lockhart		Oracle
Bill Parducci		Individual
Remon Sinnema		EMC
John Tolbert		The Boeing Company
Paul Tyson			Bell Helicopter Textron Inc.

Members

Ron Williams		IBM


>    Approve Minutes:
>     1 December 2011 TC Meeting
>     http://lists.oasis-open.org/archives/xacml/201112/msg00006.html

Minutes approved unanimously 

> 
> II. Administrivia
> 
>    RSA InterOp Status
>     Discussion is ongoing on xacml-demo-tech defining the
>      demo scenario and working logistics of RSA signup.
>      xacml-demo-tech access requires being enrolled participant,
>      however summary status will be reported at TC meetings.

Hal reported that the group had agreed to base the demo on the IPC Profile, freezing on one draft if necessary. Resources will be documents and their attributes will be obtained from Custom Properties within the documents. This will potentially allow us to demonstrate how the attributes can move with the documents from one server to another.


>    XACML ->  LegalRuleML TC - status update wrt xacml TC interest:
>     http://lists.oasis-open.org/archives/xacml/201112/msg00016.html
> 
Paul reported on this. The TC proposers agreed to add reference to XACML to the Charter and to specifically consider usecases where the use of XACML might be appropriate.

> 
>    EC-US Profile WD-03 uploaded - discussion thread to be started:
>     http://lists.oasis-open.org/archives/xacml/201112/msg00004.html
> 
Paul made the comment that policies such as those in the EC and IPC Profiles could be structured in two different ways. 

1. First Person Policies – embody the logic from contracts and regulations in the policies

2. Third Person Policies – reference the contractual agreements and simply check if they are in force.

Paul suggested the first type might be more stable over time. He further pointed out the examples from the EC and IPC Profiles represent the two types. There was general discussion and a consensus that both types are useful and should be enabled by XACML Profiles.


>    Dec 29 mtg cancelled:
>     http://lists.oasis-open.org/archives/xacml/201112/msg00007.html
> 
> 
> III. Issues
> 
>   New issues:
> 
>    Context Handler (was: XACML and RDF)
>     (discussion about xacml wiki page:
>       http://wiki.oasis-open.org/xacml/XACMLandRDF )
>     ray:
>      http://lists.oasis-open.org/archives/xacml/201112/msg00000.html
>     paul:
>      http://lists.oasis-open.org/archives/xacml/201112/msg00001.html
>     ray:
>      http://lists.oasis-open.org/archives/xacml/201112/msg00017.html
>     erik:
>      http://lists.oasis-open.org/archives/xacml/201112/msg00021.html
> 
>    New (combining) algorithm proposal:
>     erik->rich->erik:
>      http://lists.oasis-open.org/archives/xacml/201112/msg00020.html
> 

This was not discussed since Erik was not on the call.


>   Ongoing issues:
> 
>    Intellectual Property Profile
>     IPC Profile WD-06 uploaded - comments/discussion in progress:
>      hal:
>       http://lists.oasis-open.org/archives/xacml/201112/msg00023.html
>       http://lists.oasis-open.org/archives/xacml/201112/msg00022.html
>       http://lists.oasis-open.org/archives/xacml/201112/msg00002.html
>      paul:
>       http://lists.oasis-open.org/archives/xacml/201112/msg00003.html
> 
>    strings vs. URIs (may be related to item discussed at Dec 1 mtg
>      labeled: "Identifier Matching (URI matching)")
>     http://lists.oasis-open.org/archives/xacml/201112/msg00005.html
> 

Paul argued that while the case for URIs as things like attribute names was reasonable, there was much less precedent and motivation for URIs for enumerated values. He argues that simple strings were much easier to deal with. He also pointed out that even a Schema-aware tool would not know that these were the legal values, since they were not declared as an enumeration in XML.

Hal advanced the arguments that XACML has always used URNs and that the language was so wordy that long identifiers were only the tip of the iceberg. He conceded the point about names vs. values and tooling, pointing out that this was a proposed AMF feature, but that there is no current support.

John expressed a desire to finish the Profile one way or the other and stop changing it.

The issue was carried over to the next call.


>    XACML Media Type (registration action item from Dec 1 mtg):
>     ray:
>      http://lists.oasis-open.org/archives/xacml/201112/msg00008.html
>      http://lists.oasis-open.org/archives/xacml/201112/msg00010.html
>      http://lists.oasis-open.org/archives/xacml/201112/msg00015.html
>     erik:
>      http://lists.oasis-open.org/archives/xacml/201112/msg00009.html
> 

Ray has concluded that we need to create a new profile discussing the use of media types, in order to register them with IANA. The types will be XACML Request, XACML Response and XACML Policy. This can be incorporated in the REST Profile that David and Ray are working on.


>    OASIS namespace docs (was: XACML Namespace (action from 
> Dec 1 mtg)):
>     paul:
>      http://lists.oasis-open.org/archives/xacml/201112/msg00011.html
>     bill:
>      http://lists.oasis-open.org/archives/xacml/201112/msg00012.html
>     tc-admin:
>      http://lists.oasis-open.org/archives/xacml/201112/msg00013.html
>      http://lists.oasis-open.org/archives/xacml/201112/msg00014.html

This issue needs someone to make a specific proposal.

The next call will be on January 12, 2012.

Hal

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]