OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Minutes 25 July 2013 TC Meeting


I. Roll Call & Minutes
  Roll Call
   Voting Members
    Richard Hill
    Mohammad Jafari
    Steven Legg
    Rich Levinson
    Hal Lockhart (Chair)
    Bill Parducci (Chair)
    Remon Sinnema
    John Tolbert

  Members
   Danny Thorpe	Member

  Quorum reached.
   80% per Oasis

  Approve Minutes:
   11 July 2013 TC Meeting
    Approved unanimously.

II. Administrivia  
  Speaking Proposal for RSA Conference 2014
   2 weeks remaining for those that are interested.

  NIST SP 800-162 public review extended
   Hal: Continuing to accept comments. Overall positive experience. US 
        Government is taking the adoption of technologies such as XACML
        seriously.
   John: Agree on positive aspect of focus. Also, good to get focus on 
         ABAC. Discussed possible second Public Review after posting 
         comments received. Suggests that it is important to continue 
         to keep up to date on progress of this process. Format was not
         as interactive as he has hoped.
   Hal: This is definitely a long term process. 

  IDtrust Steering Committee annual Nominations and Election Process
   Nominations open until July 31, 2013

  XACML MAP Authorization Profile uploaded - WD-02
   Richard: Some of the changes reflect updates to specification,
            diagrams, non-normative examples. Received feedback from 
            Steven Legg that is being incorporated. The 30th is
            deadline feedback. Document is in 90 percentile of being 
            complete (pending updates from input on list). 
   Hal: It looks like Committee Draft may be happening in August.
   Richard: Yes.

  JSON Profile
   Motion: TC to approve "Request / Response Interface based on JSON
           and HTTP for XACML 3.0 Version 1.0, Working Draft 14" and 
           all associated artifacts packaged together in
           https://www.oasis-open.org/committees/document.php?document_id=49937&wg_abbrev=xacml
           as a Committee Specification Draft  and that this artifact,
           in turn be approved for submission by the TC to TC-ADMIN for
           30-day Public Review. The .doc version of the Working Draft
           is designated as authoritative.
   So moved: Remon
   Seconded: Bill
   VOTE: Approved unanimously

III. Issues
  Entity... Category... Attributes - JSON profile              
   Hal: Current position is to keep compatibility although naming is
        not ideal. There have been numerous proposals about changes
        that would be significant. The TC needs to decide if it is
        interested in pursuing such changes. TC members are encouraged
        to discuss with their organizations to determine if there is
        interest changes at this level. This would also require at
        least one person to take on the role of Editor.
   Levinson: I basically agree with the decision to use naming as
             proposed. However he doesn't agree with the
             rationalization posted to the list.
   John: Starting work on v4.0 seems premature. Would really like to
         see the focus on Profiles for a while to encourage adoption.
         Perhaps expand into Policy distribution, etc.
  Levinson: I agree with John. Introducing v4.0 will confuse adopters
            on timing, etc. A wiki page that addresses these larger
            issues should be collected more extensively before heading
            in this direction.
   Hal: The assumption is that Profile work would continue. There is a 
        growing list of issues that may apply to a new version. Propose 
        that the TC test the waters with a number of these ideas to
        develop a consensus of whether or not to proceed in a more
        holistic manner.
   John: Now that a number of vendors support v3 it would be interesting
         to solicit "real world" sampling from the various members of the
         TC to help expand the horizon of how XACML is being
         implemented, focusing on where it works well, issues, etc.
   Hal: TC members are encouraged to contribute to the list.
   Danny: Custom functions to tear apart URIs is an example that we run up
          against.

  How to get attributes from other categories
   Rich: Awaiting feedback before discussing further.
   Steven: Sent a response. Will resend.

  Subject Categories
   Hal: Noted on list a 5th type ("codebase")
   Mohammad: We decide in XSPA to develop  Profile for healthcare
             classification. Yesterday the group decided to send it to
             the TC for consideration. Submission will happen at the
             end of August. This is a second Profile, not an update to
             the XSPA Profile in progress now.

meeting adjourned.



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]