[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes for 1 November 2012 TC Meeting (updated)
Time: 17:00 EDT (GMT-0400) Tel: 513-241-0892 Access Code: 65998 (Note: this is last mtg this year on EDT - starting next mtg the time will be 15:00 (3PM (see below)) EST (GMT-0500)) Minutes for 1 November 2012 TC Meeting (updated): - minor typo fix from tue->thu for 3pm est 11/15 nxt mtg I. Roll Call& Minutes Roll call: Achieved quorum yes Voting Members: 10 of 13 (76%) (used for quorum calculation) David Brossard Mike Davis Crystal Hayes Rich Levinson Hal Lockhart Bill Parducci Erik Rissanen Remon Sinnema Danny Thorpe John Tolbert Member Mohammad Jafari ViewDS Steven Legg Jean-Paul Buu-Sao bill: we have quorum Approve Minutes: 18 October 2012 TC Meeting https://lists.oasis-open.org/archives/xacml/201210/msg00069.html -> inadvertently skipped; need to approve at next mtg II. Administrivia: Time change: propose change to 3PM ET starting 11/15 bill moves danny 2nds hal: any objections? none heard, so it is official: 3pm on thu hal: demo: support rest/json profiles; 5 companies involved, please join if planning to participate UMA/JACML Presentation at last mtg: Thanks to Eve Maler for the UMA/JACML presentation at last mtg - it provides the xacml tc w some interesting opportunities to consider how xacml would fit in an OAuth2/UMA environment. Rich provided ref to OpenAz OAuth2 simulation w live xacml pdp that represents a candidate strategy for using xacml to provide all the authorization for the OAuth2 use case model which Eve made brief comment on: https://lists.oasis-open.org/archives/xacml/201210/msg00070.html not discussed Policy Template Profile discussion: Jean-Paul has requested that we allocate some time this mtg to discuss this profile. There is item in issues section below. Digital policy mgmt demo proposal: Jean-Paul has developed a prototype of this capability for TSCP, and David B. has suggested that he demo it to xacml tc; Jean-Paul suggests possibly at some future mtg, and that the demo would take about 30 min. skipped/carry over to next mtg JSON profile updated: https://lists.oasis-open.org/archives/xacml/201210/msg00071.html wd06: https://lists.oasis-open.org/archives/xacml/201210/msg00076.html download link: https://lists.oasis-open.org/archives/xacml/201210/msg00075.html hal: put all tc members in acknowledgements hal: any comment or question on profile? see issues section below: REST profile updated - wd06: https://lists.oasis-open.org/archives/xacml/201210/msg00017.html ray: removed policy admin to get out to prv combining algs profile updated (erik): https://lists.oasis-open.org/archives/xacml/201210/msg00090.html request to vote to csd/pub review: https://lists.oasis-open.org/archives/xacml/201210/msg00091.html hal: sounds like enough uncertainty to hold off vote see issues below xacml 2.0 adapted to xacml 3.0 conformance tests uploaded (danny): https://lists.oasis-open.org/archives/xacml/201210/msg00051.html hal: danny uploaded; please check out xacml logo: hal: https://lists.oasis-open.org/archives/xacml/201210/msg00043.html comments thru: https://lists.oasis-open.org/archives/xacml/201210/msg00050.html hal: people should look at logo: opinions solicited xacml profile for obligations: mike davis and mohammad jafari will introduce a proposed profile for obligations at next tc mtg: nov 15. III. Issues json profile issues/comments: ray: retrofit to xacml 2.0? https://lists.oasis-open.org/archives/xacml/201210/msg00077.html https://lists.oasis-open.org/archives/xacml/201210/msg00079.html xpath support comments (steven): https://lists.oasis-open.org/archives/xacml/201210/msg00087.html david: xpath support not generally useful in this context hal: is xpath in policy? david: there are several places where xpath can be steven: xpath exp can have xpath hal: seems counter-intuitive for xpath to search json structures david: how about xml in json hal: like an xml record in the request danny: need a helper fcn hal: spec will be updated w something to address this policy template profile: agenda item to provide discussion (jean-paul): steven: Summary of the 3 proposed syntaxes for Policy Template https://lists.oasis-open.org/archives/xacml/201210/msg00060.html policy template wiki: https://lists.oasis-open.org/archives/xacml/201210/msg00040.html policy template examples question: https://lists.oasis-open.org/archives/xacml/201210/msg00037.html jean-paul: extensive email thread 3 weeks ago; 3 options are in wiki: 1. based on attr value 2. based on parameters 3. based on proposal by Erik jean-paul weighed plus and minus today would like agree on option: 1,2,or3? can't put attr designator pretending to be a parameter in all places can put attr des. i.e. attr des treated as a param; erik: can't do w/o schema chg jean-paul: stated objective to solve dynamic,static use cases w/o chgs to core spec.' erik: static substitution can't put back in target restrictions on what bags in conditions are problematic jean-paul: core benefit is on target of rules; hal: do we need to choose? jean-paul: can discard option 1, but need to choose between 2 and 3. feels 3 distorts purpose of attr des; steven agrees; erik: thought could solve w attr desgs; for expansion need something, but ow, 3 is sufficient; hal: likes idea of preprocessor doing something to policies; erik: rather than new param, put params in attrdes and have pep that fills in values at runtime; pip would add the info at runtime; diff is preprocessor would produce an xml doc; plugging in attr values, rather than chging policy jean-paul: want to manage thousands of similar policies, want to just manage the template; delegation model/ admin category issue (erik, steven): https://lists.oasis-open.org/archives/xacml/201210/msg00092.html https://lists.oasis-open.org/archives/xacml/201210/msg00094.html issue: tagging of policy sets; either admin or access, lots of questions, possibly resolved: https://lists.oasis-open.org/archives/xacml/201211/msg00000.html date-time in range question: https://lists.oasis-open.org/archives/xacml/201210/msg00093.html not discussed; may be resolved on mail list
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]