OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Minutes for 1 November 2012 TC Meeting (updated)


Time: 17:00 EDT (GMT-0400)
Tel: 513-241-0892
Access Code: 65998

 (Note: this is last mtg this year on EDT - starting next mtg
   the time will be 15:00 (3PM (see below)) EST (GMT-0500))


Minutes for 1 November 2012 TC Meeting (updated):
 - minor typo fix from tue->thu for 3pm est 11/15 nxt mtg

I. Roll Call&   Minutes

  Roll call:

Achieved quorum	yes

Voting Members: 10 of 13 (76%) (used for quorum calculation)

David Brossard
Mike Davis
Crystal Hayes
Rich Levinson
Hal Lockhart
Bill Parducci
Erik Rissanen
Remon Sinnema
Danny Thorpe
John Tolbert

Member
Mohammad Jafari
ViewDS	Steven Legg
Jean-Paul Buu-Sao


    bill: we have quorum



  Approve Minutes:
   18 October 2012 TC Meeting
   https://lists.oasis-open.org/archives/xacml/201210/msg00069.html

 ->	inadvertently skipped; need to approve at next mtg


II. Administrivia:

  Time change: propose change to 3PM ET starting 11/15
    bill moves
    danny 2nds

    hal: any objections? none heard, so it is official: 3pm on thu

    hal: demo: support rest/json profiles;
	5 companies involved, please join if planning to participate

  UMA/JACML Presentation at last mtg: Thanks to Eve Maler for the UMA/JACML
   presentation at last mtg - it provides the xacml tc w some interesting
   opportunities to consider how xacml would fit in an OAuth2/UMA
   environment.

   Rich provided ref to OpenAz OAuth2 simulation w live xacml pdp that
    represents a candidate strategy for using xacml to provide all the
    authorization for the OAuth2 use case model which Eve
    made brief comment on:
     https://lists.oasis-open.org/archives/xacml/201210/msg00070.html

	not discussed


  Policy Template Profile discussion: Jean-Paul has requested that we
   allocate some time this mtg to discuss this profile.

	 There is item in issues section below.


  Digital policy mgmt demo proposal: Jean-Paul has developed a prototype
   of this capability for TSCP, and David B. has suggested that he demo
   it to xacml tc; Jean-Paul suggests possibly at some future mtg, and that
   the demo would take about 30 min.

	skipped/carry over to next mtg


  JSON profile updated:
   https://lists.oasis-open.org/archives/xacml/201210/msg00071.html
   wd06:
    https://lists.oasis-open.org/archives/xacml/201210/msg00076.html
   download link:
    https://lists.oasis-open.org/archives/xacml/201210/msg00075.html

	hal: put all tc members in acknowledgements
	hal: any comment or question on profile?
	see issues section below:



  REST profile updated - wd06:
   https://lists.oasis-open.org/archives/xacml/201210/msg00017.html

	ray: removed policy admin to get out to prv


  combining algs profile updated (erik):
   https://lists.oasis-open.org/archives/xacml/201210/msg00090.html
  request to vote to csd/pub review:
   https://lists.oasis-open.org/archives/xacml/201210/msg00091.html

	hal: sounds like enough uncertainty to hold off vote
		see issues below


  xacml 2.0 adapted to xacml 3.0 conformance tests uploaded (danny):
   https://lists.oasis-open.org/archives/xacml/201210/msg00051.html

	hal: danny uploaded; please check out


  xacml logo:
   hal:
    https://lists.oasis-open.org/archives/xacml/201210/msg00043.html
   comments thru:
    https://lists.oasis-open.org/archives/xacml/201210/msg00050.html

	hal: people should look at logo: opinions solicited


  xacml profile for obligations:

    mike davis and mohammad jafari will introduce a proposed profile
	for obligations at next tc mtg: nov 15.


III. Issues

  json profile issues/comments:
   ray: retrofit to xacml 2.0?
     https://lists.oasis-open.org/archives/xacml/201210/msg00077.html
     https://lists.oasis-open.org/archives/xacml/201210/msg00079.html
   xpath support comments (steven):
    https://lists.oasis-open.org/archives/xacml/201210/msg00087.html

	david: xpath support not generally useful in this context
	hal: is xpath in policy?
	david: there are several places where xpath can be
	steven: xpath exp can have xpath
	hal: seems counter-intuitive for xpath to search json structures
	
	david: how about xml in json
	hal: like an xml record in the request
	danny: need a helper fcn
	hal: spec will be updated w something to address this



  policy template profile: agenda item to provide discussion (jean-paul):
   steven: Summary of the 3 proposed syntaxes for Policy Template
    https://lists.oasis-open.org/archives/xacml/201210/msg00060.html
   policy template wiki:
    https://lists.oasis-open.org/archives/xacml/201210/msg00040.html
   policy template examples question:
    https://lists.oasis-open.org/archives/xacml/201210/msg00037.html

	jean-paul: extensive email thread 3 weeks ago; 3 options
	 are in wiki:

	  1. based on attr value
	  2. based on parameters
	  3. based on proposal by Erik

	jean-paul weighed plus and minus
	today would like agree on option: 1,2,or3?

	 can't put attr designator pretending to be a parameter
	  in all places can put attr des. i.e. attr des treated
	  as a param;

	 erik: can't do w/o schema chg

	 jean-paul: stated objective to solve dynamic,static
	  use cases w/o chgs to core spec.'

	 erik: static substitution can't put back in target
	  restrictions on what

	 bags in conditions are problematic

	jean-paul: core benefit is on target of rules;

	hal: do we need to choose?

	jean-paul: can discard option 1, but need to choose between
	 2 and 3. feels 3 distorts purpose of attr des; steven agrees;

	erik: thought could solve w attr desgs; for expansion need
	 something, but ow, 3 is sufficient;

	hal: likes idea of preprocessor doing something to policies;

	erik: rather than new param, put params in attrdes and have
	 pep that fills in values at runtime; pip would add the
	 info at runtime; diff is preprocessor would produce an
	 xml doc; plugging in attr values, rather than chging
	 policy

	jean-paul: want to manage thousands of similar policies,
	 want to just manage the template;



  delegation model/ admin category issue (erik, steven):
   https://lists.oasis-open.org/archives/xacml/201210/msg00092.html
   https://lists.oasis-open.org/archives/xacml/201210/msg00094.html

     issue: tagging of policy sets; either admin or access,
	lots of questions, possibly resolved:
           https://lists.oasis-open.org/archives/xacml/201211/msg00000.html


  date-time in range question:
   https://lists.oasis-open.org/archives/xacml/201210/msg00093.html

	not discussed; may be resolved on mail list





[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]