[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes 19 September 2013 TC Meeting
I. Roll Call & Minutes Roll Call Voting Members Hal Lockhart (Chair) Bill Parducci (Chair) Crystal Hayes Richard Hill Mohammad Jafari Steven Legg Rich Levinson Remon Sinnema Danny Thorpe John Tolbert Quorum reached. 100% (per Oasis site) Approve Minutes: 5 September 2013 TC Meeting Approved unanimously. I. Roll Call & Minutes Approve Minutes: 5 September 2013 TC Meeting https://lists.oasis-open.org/archives/xacml/201309/msg00003.html II. Administrivia OASIS IDtrust Member Section Steering Committee Elections Now Closed Groups - DLP-NAC profile uploaded Hal: FYI: NAC = Network Access Control, DLP = Data Loss Prevention John: Posted to being review and discussion by the TC Mohammad: there seems to be a similarity to this and rights management Languages? Hal: The original requirements for XACML included aspects of Rights Management. The two concepts are quite similar. John: Is there something specific that the TC may be able to benefit from? Misc John: Working session planned for October is on hold for now Combining Algorithm question Noted: https://lists.oasis-open.org/archives/xacml/201309/msg00006.html XACML v3.0 errata page Bill: Erik posted a message to the list noting that he had responded to the topics raised to date. DPM TEM XACML Slide Content Richard: I'd like to collect feedback from the TC and provide it back to the DPM group. Hal: As noted on list, the SAML Profile is a Committee Specification so it has indeed been updated for XACML v3.0 III. Issues Policy Distribution Richard: I still intend to Use Cases for this Hal: I will present some Use Cases in the Profile that you can add to ForAny Procedural Steven: Noted that Erik agreed with the general approach proposed by him. Rich: I am still working on a set of functions to address this. XPath in XACML (background) Bill noted that Erik provided background information on the nature of XPath with respect to the XACML specification. Related and Embedded Entities Profile - Starter Steven: This is my solution to the attributes and relations topic. IP Addresses Hal: The response to the question about IP data type matching not being possible because it doesn't have a canonical form doesn't make sense. Bill: That is correct, once you have identified IPv4 vs IPv6. There are two paths you can choose for matching: netmask or simple text. Netmask is the more typical. It doesn't have the concept of "wildcards" per se. For example 192.168.1.0/24 is how the text version of "192.168.1.*" would be represented. Mohammad: This also applies to exchange of policies in Exchange Profile for Policies. Hal: Any Use Cases that seem applicable are welcome into the discussion. meeting adjourned.