OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Minutes for 23 June 2016 TC Meeting

Time: 4:30 PM EDT (-0400 GMT)
Tel: 1-712-775-7031
Access Code: 620-103-760

 Minutes for 23 June 2016 TC Meeting

I. Roll Call & Minutes

  Roll Call
    Voting Members
      Veterans Health Admin  Mohammad Jafari
      ViewDS Identity Solns  Steven Legg
      Oracle                 Rich Levinson
      Oracle                 Hal Lockhart
      Individual             Martin Smith
      The Boeing Company     Richard Hill
      EMC                    Remon Sinnema

     Quorum rule: 51% of voting members
      Achieved quorum: yes

  Approve Minutes 9 Jun 2016

	hal: objections to unan consent? none heard
	 minutes approved

II. Administrivia

  Recap of Document Status

     no changes: some still need statements of use

  Errata editor
    status update:
      Errata Starter docs

     richard: looking at issues on wiki, etc. so each can be tracked leading
	up to submission.

     hal: there are xacml-users items

  input on IDESG nomination:
   request to review doc submit form (attached to email) from martin:

     hal: put complete list in email; maybe core + others
	   hl7 didn't exactly endorse xacml but said it was a way to enforce

	some law enforcement appl in Conn. but not a broadbased federation

     martin: outgrowth of global justice activity;
	form says: "trust frameworks adopted" exact defn is not included
	 in order for std to be approved it has to pass thru process but
	 doesn't say anybody "has to use it".
     hal: mohammad can offline discuss w martin as to level of support that
	health industry has given to xacml stds.
	xspa is example; maybe others

     mohammad: access version 2 is on committee web site which has more specifics

	martin: -2 is current, -3 is in draft github: google 800-63-3;
	 take comments

	idesg looks like not going to adopt -2 because privacy group has issue
	 w lack of pseudonymity in interaction w federal web sites.

	-3 may support pseudonymity

	hal: xacml has tools that support multi-factor, etc. policy can evaluate
	 different types of authn events, and ability to report on denials w
	 reasons why.
	martin: has privacy capabilities, as opposed to features.
	hal: only privacy "feature" is ability to capture a "privacy" attribute.

	martin: once I give info to soc sec admin etc. how to prevent use of info
	 by others.

	mohammad: not usual to have fine grain rules for health records; have blanket
	 rules, plus obligations to redact other aspects of the records.

	hal: probably have all input we are getting on these docs; martin can proceed
	 to put together proposed submission

   Early bird for Borderless Cyber Europe ends next week

	borderless cyber europe

III. Issues

 No new issues posted.

	next call: july 7

	mtg adjourned 5:00 pm

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]