OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Minutes 3 October 2013 Meeting


Minutes for 3 October 2013 TC Meeting

I. Roll Call
  Voting Members
   Mohammad Jafari
   Steven Legg
   Rich Levinson
   Hal Lockhart (Chair)
   Bill Parducci (Chair)
   Remon Sinnema
   Danny Thorpe
   John Tolbert
   Chrystal Hayes

  Member 
   David Brossard

  Quorum Achieved - 80% (per Oasis)
   Yes. 

  Minutes 19 September 2013 TC Meeting
   APPROVED UNANIMOUSLY 
   
  
II. Administrivia
  OASIS IDtrust Member Section Steering Committee Elections
   Results have been posted on Oasis site.

  Minutes from OASIS & WEDI (Workgroup for Electronic Data Interchange)
   Hal reviewed WEDI background. There are a SAML, XACAML XSPA.
   Mohammad presented XSPA details. PIMRIM developed framework for
   comparing (human readable) policies. WEDI interested in
   procedures, compliance, etc. for healthcare. There was no
   immediate interesting in technical specification work.
   
  XACML MAP Authz Profile May 2013.ppt uploaded 
   Richard Hill posted presentation from last May for reference.

  JSON Profile
   David: Fixed public comment that was received. Addressed mistakes
          identified by Steven. 
   Hal: TC is encouraged to review with intent to vote for Public 
        Review at next meeting.  
        
  Meeting Time
   Hal: We will need to consider adjusting the meeting time on the next
        call with the change in Daylight Savings coming up.
        
III. Issues
  Query filtering and XACML
   A question introduced to the TC List by John Tolbert on behalf of
   Eli Lily regarding filtration of SQL data. Hal responded on the list
   and noted that Jan Hermann also posted on list reference to previous
   OCG work.
  
  IP Address comparisons:
   Hal: There are convert to string functions that allows for some form
        of IP matching. This is issue 93 in the wiki. 
        If it is determined that there in a need for this it could be in
        addressed in a Profile now.
  John: Could whomever feels the most confident with this add it to the
        existing Profile?
  Hal: We need to determine what what is important in Use Cases,
       possibly by looking at common examples in firewalls that have
       to enforce by IP. Exact match? Subnet? Range? If we get this 
       right it would be something we would eventually want to move to 
       the Core Specification.
  Bill: I would be interested in working on this.
  Hal: I am interested in continuing to pursue this as well. Anyone else that 
       is interested please notify us.
  
  Media type application/xacml+xml - 
   This has been successfully registered. 
   Remon: There is typically a section in the specifications for this.
   HAL: Yes, it should go in REST Profile. SAML Profile?
  
  Policy Distribution
   Hal: Still working on it. Hope to produce an initial draft. First 
        working on requirements of architecture and abstract version of
        protocol. Will try to write up RESFTul and SOAP protools while
        the TC is evaluating abstract logic. 

Meeting adjourned.
  



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]