Subject: Minutes for 8 March 2012 TC Meeting

Time: 13:00 EST (GMT-0500)
Tel: 513-241-0892
Access Code: 65998

Minutes for 8 March 2012 TC Meeting:
(Thanks to Richard Hill of Boeing for providing the
 details for the minutes which are included here)

  Note: next meeting:

	  March 22, 2012
	  1PM EDT

	  Note: EDT is now in effect in US and equals GMT-0400
	  since different countries go to *DT on different dates
	   there may be confusion w mtg times next few weeks;
	   please try to figure local time vs EDT, which is
	   GMT-0400, which will be in effect starting next mtg.

I. Roll Call & Minutes

 Roll Call:

Voting Members
Crystal Hayes	The Boeing Company
Richard Hill	The Boeing Company
Rich Levinson	Oracle
Hal Lockhart	Oracle
Remon Sinnema	EMC
Danny Thorpe	Quest Software
Paul Tyson		Bell Helicopter Textron Inc.

Abbie Barbir	Bank of America
Jan Herrmann	Siemens AG

 Approve Minutes:
  23 February 2012 TC Meeting

    * vote on minutes: approved

II. Administrivia
 RSA InterOp Status - review conference highlights

    * RSA interop - members comments good.

    rich: mentioned that the Boeing contribution was extremely useful
    and demonstrated the concept of defining "standard attributes" as
    defined in the IPC Profile, which enables "integration" of all the
    backend resource documents under a common representation umbrella
    independent of the technological details of the documents and their

 US Govt: Prog Mgr for the Information Sharing Environment (PM-ISE)

    * ISE program; Scott McGrath ; No comments.
	above email has attached 12-pg document describing PM-ISE

 ITU Presentation (SAML/XACML) Call was on 2/27: any more info?

    * Abbie: gave update on ITU supplier tool.
	Correspondent tool, xacml, Bank of America

        - Abbie: Needed to determine if xacml v3 core spec will
	   be approved by mid July? (there is window on 4 yr
	   ISO cycle of approvals that needs to be met)

        - Hal: take 4 month process to finalize and approve.
	   60 day review for member review.

 XACML Media Types
  Initial Document w one media type - Ray: comments requested
  Comment from Paul:
  Version parameter: Ray,Bill:
  Background on IANA Registration:

        - propose a single media type, add optional version parameter.
	   Ray: clarified that single type was to show general format
	    for each media type, and when agreed, more types can be
	    added as needed.

        - Hal: careful about versioning. PDP might get req and response
	   in a different format.

        - Paul: recommends finishing media types; need to distinguish
	   between v2 and v3.

 Legal RuleML Uploaded: any updates on activities?

    * Legal RuleML: Paul gave update; Rule ML progressing with core spec.
	 May not be a big impact

 REST Profile of XACML v3.0 Version 1.0 Uploaded: discussion:

    * Rest profile status:

        - Paul: made comments that may extend it further than what
	   others may have in mind.

        - Paul: asks members to review comments and consider.

 Profile proposal: On-permit-apply-second Combining Algorithm

    * Profile proposal:

        - Erik's proposal on combining algorithm.

        - Hal passed over on it.
	  (since Erik sent regrets for today's mtg)

III. Issues

 Core (minor typos/questions):

  Remove erroneous comma:

        - Ray commented extraneous comma needs removal.

  Remove bold,italic:

        - used "action" in an informal way. message 43.

  List of combining algs:

        - Normative language is out of date. Ray good with Erik's suggestion.

  Reuse of rules/PAP:

        - sec 2.2; Ray; having rule ref; policy was the center of administration.

        - language is hold over from previous version.

        - Hal: suggest removing "use of tools". Need consensus

XACML v3.0 Open Items
 Issues list:

 Issues discussions:

 Issue #3:  Combining Algorithm

 Issue #4 Context Handler
  Ray proposal and follow-up comments:

        - Hal: debate is about arch definitions;
	   doesn't object to tighten up language.

        - ??? comment: Introduce new component; context handler
	   can also add context values to request.

        - Paul:  obligation and advice handling as separate.

        - Hal: context handler for formatting, etc...;
	   lines drawn for logic. all definitions cover their
	   respective responsibilities.

        - Paul? context is a bag of attributes, first attribute needs
	   to be fully populated and not changed.

        - Paul & Hal discussed RAA of components. message 38 of Feb.
	   Erik's approval for Paul’s wording.

        - Hal approves Paul’s suggestion on how to proceed.

        - ???; comments: 1.) can cause improbability issues.
	   2.) can context be extended at runtime?
	        i.e.; obligation telling pep how to do it.

        - Hal; separate the obligation and advice handling issues
	   from the general context handler architecture issue;
	   ...adding attributes at a later time.

        - Rich: context plays a part in profiles by taking
	   req from a structure into increments to pdp.
	   Missing: wording misses this.

        - Rich:  what context needs to contain
	   i.e. one collection of attributes per category.
	   Definition in arch is loosely defined.

        - Paul: Doesn't seem complete in defining
	   arch pdp components?

        - Paul: need to be clear about what is being done with
	   each component of arch.

        - Paul: fix wording to cover some cases.
	   suggests limited changes.

 Issue #8 Schema Anomalies ("choice element" or "Policy w no Rules")
  recent discussion focus on whether combining algs render issue moot:

        - summarize: rich: existing schema is troubling
	  i.e. zero rules - intent of allowing not clear;
	   schema stands for now...
	   don't want to impact things now, but still needs review.
	  key issue:
	     there is single schema group that collects unrelated
		concepts and ties them together in inexplicable ways
		  - rules
	          - variable definitions
	          - combining parameter collection elements.

        - Hal: what guidance do we provide with a policy with no rules;
	   put everyone on notice on this to look.

        - Hal: may need to move to weekly meetings to wrap up issues
	   like this.
