I can tell that David did a good job presenting xacml. I was
present there.
On 04/19/2012 09:50 AM, David Brossard wrote:
Dear all,
Just to give you a bit of feedback on the OASIS EIC workshop. I
won't be on today's call due to prior commitments.
The workshop went really well with a good intro by John Sabo of CA
and Mike Small of Kuppinger Cole and then contributions from
various TCs including OASIS's Identity in the Cloud TC, the
Privacy Management Reference Model (PMRM) TC, and the XACML TC.
In the slides I presented, I chose to introduce 3 possible ways
authorization in the cloud could be tackled. I've attached the
slides for your benefit.
I think attendees were excited by the possibility of using context
in authorization as well as having a single centralized point of
management.
Please find the slides attached.
Cheers,
David.
On Mon, Apr 9, 2012 at 6:11 PM, David
Brossard <david.brossard@axiomatics.com>
wrote:
Dear all,
As Rich pointed out, I volunteered to represent the TC at EIC
in Munich in a fortnight. If there is particular work items
you would like to put forward, please do let me know. If there
are upcoming XACML events you want me to mention, please do
tell me as well.
Kind regards,
David.
On Mon, Apr 9, 2012 at 6:04 PM, rich
levinson <rich.levinson@oracle.com>
wrote:
Time: 13:00 EDT (GMT-0400)
Tel: 513-241-0892
Access Code: 65998
Minutes for 5 April 2012 TC Meeting: (2nd update w 2nd
attendance correction)
Thanks to Danny Thorpe of Quest Software for collecting
the details that are used as the basis for these
minutes.
I Roll Call
Voting Members
Crystal Hayes The Boeing Company
Richard Hill The Boeing Company
Rich Levinson Oracle
Hal Lockhart Oracle
Bill Parducci Individual
Remon Sinnema EMC
Danny Thorpe Quest Software
John Tolbert The Boeing Company
Paul Tyson Bell Helicopter Textron Inc.
Members
Erik Rissanen Axiomatics
Approve Minutes:
Since no quorum at Mar 22 mtg, still need to approve Mar
8 minutes:
8 March 2012 TC Meeting
http://lists.oasis-open.org/archives/xacml/201203/msg00006.html
22 March 2012 TC Meeting
http://lists.oasis-open.org/archives/xacml/201203/msg00014.html
Accepted minutes from prev 2 meetings.
No objections to unanimous consent.
II. Administrivia
Speaking opportunity for XACML TC at European Identity
Conf (EIC)
in Munich 17 April: Jane wanted to know by 3/30, but
let's discuss
if any interest, then can find out if still available:
http://lists.oasis-open.org/archives/xacml/201203/msg00015.html
dave broussard signed up for EIC speaking
XACML Core v3.0 WD-23 uploaded: still open issue as to
what the
baseline for this rev is: i.e. did not seem to match w
wd22.
See mtg minutes for more detail:
http://lists.oasis-open.org/archives/xacml/201203/msg00014.html
original wd-23 notice:
http://lists.oasis-open.org/archives/xacml/201203/msg00007.html
ready to vote to CSD wd23? (hal)
Recent diffs make it difficult to review changes,
need to discuss changes in identity wording (rich)
Typography issues need to be fixed prior to CSD?
(eric, ray fine without font changes)
Move to take wd23 to CSD (eric) seconded (ray)
Do cross references need to be updated now?
How did we do it last time?
Defer vote for CSD to next call to allow time to
research,
address cross references
Urge everyone to review docs,
be prepared for CSD vote on next call
New item (rich): off list request rcvd from Oded Sofer
of IBM
asking when XACML 3.0 expected to be released:
hal: indicated that while ind members may express
their
opinions on projected dates, it is the TC process
itself,
and the TC, as a whole, that determines the actual
schedule.
interested parties may refer to the OASIS Technical
Committee
Approval Process to provide a basis for
understanding where
in the process a specific spec is, and what remains
for
its final approval:
http://www.oasis-open.org/policies-guidelines/tc-process#standApprovProcess
also noted: do existing attestions need to reattest in
light of
recent edits to spec? (rich, hal) - we will
revisit this
as we move along in the process - no issues
expected, but
it may be prudent to reissue the attestations
referring to
the specific version being referred to.
III. Issues
XACML Media Types (last mtg members asked to review the
comments)
(Comment: Erik)
http://lists.oasis-open.org/archives/xacml/201203/msg00008.html
Ray to update document for next call
(john) no way to exchange request (collection of
attributes)
without a compete decision request around it
How does PDP get all xacml attributes from, say,
PIP?
(hal) Note recent proposal in SAML TC.
(john) could suffice, but can that handle
non-subject attributes?
(john) Among the collection of media types defined,
there appears to be a gap
(hal) can be extended later
(ray) media types we have so far should be enough
for
the REST profile
XACML Core v3.0 Comments
(Comment: Remon) also added comment in minutes about
diagram
needs minor fix)
http://lists.oasis-open.org/archives/xacml/201203/msg00009.html
XACML v3.0 Open Items
Issues list:
http://lists.oasis-open.org/archives/xacml/201202/msg00001.html
Issue #3: Combining Algorithm
general consensus is to create a separate Profile; erik
to author
Eric posted a proposal for this comb alg as a separate
profile.
Needs review.
Issue #4 Context Handler
update in latest draft wd-23: members should review
Issue #8 Schema Anomalies ("choice element" or "Policy w
no Rules")
rich has action to post to wiki details of this issue
and what
suggested action will be.
Meeting adjourned approx: 1:35
Next call April 19
|