
Subject: Minutes for 21 March 2013 TC Meeting - UPDATED (Attendee list)

Time: 16:30 EDT (GMT-0400; i.e. 20:30 GMT)
 Tel: 513-241-0892
 Access Code: 65998

 Minutes for 21 March 2013 TC Meeting - UPDATED
  (Updated attendee list)

 I. Roll Call

Meeting Attendees
Company	Name	Role

The Boeing Company	Crystal Hayes	Voting Member
The Boeing Company	Richard Hill    Voting Member
Veterans Health 	Mohammad Jafari	Voting Member
ViewDS			Steven Legg	Voting Member
Oracle			Rich Levinson	Secretary
Individual		Bill Parducci	Chair
EMC			Remon Sinnema	Voting Member
BAE SYSTEMS plc		Richard Skedd	Member
Quest Software		Danny Thorpe	Voting Member
The Boeing Company	John Tolbert	Voting Member 

Boeing			Greg Smith	Guest

Quorum rule		51% of voting members
Achieved quorum		yes
Individual Attendance
  Guest Attendees:		1
  Contributing Members:		9 of 64 (14%)
  Voting Members:		8 of 11 (72%) (used for quorum calculation)
Company Attendance
  Contributing Companies:	8 of 31 (25%)
  Voting Companies:		7 of 8 (87%)

    bill: we have quorum

   Approve Minutes:
    7 March 2013 TC Meeting

     bill: no objection to unanimous acceptance of the minutes

 II. Administrivia

  What time will upcoming TC meetings be held at?
   Starting today the new meeting time is 4:30PM ET
   Since ET is now EDT, this is GMT -0400
    i.e. today's meeting is at 16:30 ET=EDT = 20:30 GMT

     bill: people are here so at least attendees are on board w new time

  Status EC-US/IPC Profiles
   The  Committee Spec (CS) version of the EC-US and IPC profiles
    have been published by TC-Admin:

   TC-Admin, john tolbert provided attestation sample w instructions:
   Attestations submitted:
    Boeing EC-US:
    Boeing IPC:
    Axiomatics EC-US and IPC:
    ViewDS EC-US and IPC:
    Oracle EC-US and IPC:

    john: enough attestations to move fwd, but maybe we can wait until
      the rest of the profiles catch up.

  RSA 2014 Interop commitments due by Mar 28, 2013 for OASIS premier space:
  RSA 2014 OASIS Demo Proposal - richard hill
   hal: comments to Jane Harnad on proposal logistics issues

   bill: oasis wants tc's to comment earlier

   richard: has contacted Jane, but no hard commitments yet.

  Status XACML REST Profile - any updates?
   15-day public review announced on Mar 1, 2013

   ray: there were no pub rev comments rcvd, so we are ready
	to go to next step:

   bill: next step is to move to CS draft 02 to CS

    VOTE: Request TC ADMIN to produce a Special Majority Vote to approve
         a Committee Specification for:
            REST Profile of XACML v3.0 V1.0
  Editable source (Authoritative):   

	ray: MOVES to make CS
	danny: SECONDS

	steven: rest profile depends on some things that have not shown
	 up yet as references

	  REST Profile: steven: question on schema availability:
	   ray's reply:

 	bill: will push fwd w best efforts and update spec when
	 any temp refs are resolved.

	bill: no objections heard to UNANIMOUS APPROVAL, motion approved
		(steven's comment noted).

  -> action: bill contact tc-admin to move process along

  RSA 2013 Interop update
   Post-Conference materials:
    Action Item: Hal will gather materials from interop, confirm
                approval to share and post demo materials.
     not discussed (hal not here this mtg)

  XACML 3.0 OS: need process for issues and errata: (action: set up wiki)
   From Mar 7 minutes:
   Hal: There is an official process for errata. Main limitation is
        only releasable annually. The wiki is likely the best place to
        capture the errata. 

  ->  bill: will put fresh entry on wiki:

      rich: the following items will be added to wiki entry
	(in addition to prev comments on obls clarifying
	 the "ambiguity" in the combining algs):

  XACML 3.0 core OS new issues: add these to errata wiki:
   Specific cases of multiple category elements need definitive
    process descriptions; in particular, is there reqt that a
    pdp decision must be based on at most one element per category
    per decision.
   Ambiguity between normative text in section 5.56 <StatusCode> wrt
    cardinality of StatusCode/StatusCode [Any Number] and the
    xml schema defn that has cardinality 0:1.

 III. Issues

  XSPA healthcare profile was uploaded March 7:
  XSPA - XACML Obligation Profile for Healthcare Version 1.0
   comments are expected
    Comments on spec:

  mtg discussion on health care obls and profile:

    steven: scope of obligations OAA might not align w the policies
	in terms of scope; won't be any one policy that carries the
	obligation, any policy should carry it; obls don't match
	up w responsibilities of people writing policies; 2 stage
	process: uses xacml core: context handler gets decision,
	then posts a 2nd request to the obligation authority;
	2nd body of access ctl policies - any additional obls
	are then attached to response; merged to original response.

	it's basically an extension to the pdp; not about obl

	in steven's resp to healthcare mentioned that obl families
	might be overengineered

    mohammad: spoke to some industry people; more to obl than what
	xacml currently supports; they are having a separate rules
	engine to do obls, but current version of xacml will have
	problems combining obls, so authority is not final soln
	to obl problems;

    steven: could mohammad summarize to list what the reqts are for
	these additional conditions

    mohammad: main use case they have is collecting obls from diff
	sources: reqt to combine all applicable obls to certain
	event; then 2. how to combine to resolve conflict etc. these
	kind of rules not supported by xacml;

	summary of issues being discussed on list: 1: how to collect
	obligations: 2: how to combine obl families; from conceptual
	level obls are more general than az decision;  ex. a permit
	override; it would put the permit obl over the deny obl.

	need to decide if we want to go that way

   steven: is it goal that obl engine be replaced

   mohammad: they are happy w their current design; not waiting for
	the obls to envelop the reqts;

	permit deny is very special form of obl.

	not speaking for 3rd parties here;

   bill: will be complex to introduce non-boolean decision; the
	unbounded scope of obls would make xacml too complex to
	support full generalization

  end mtg discussion on obls,profile.

  Other comments related to the spec and/or obligations - not discussed
   at mtg, but need to be summarized for review:
    Hal: issues related to obligations:
      David Chadwick:

     Rich: followup on comment on ambiguities in core spec wrt Obligations
       clarification on defn of ambiguity in this context:
      several additional emails expanding on the issue:
       most recent from bill:
         see those entitled:
          "Re: [xacml] Minutes 7 March TC Meeting - action on ambiguity
           wrt set of returned Obligations, Advice"

Other business: ?

  bill: none indicated

  bill: no objections to adjournment

	meeting adjourned: 5:08 PM EDT
