Subject: Re: [xacml] Standardization Status of Documents
Hi Martin, Hal,
Based on the use cases I am dealing with, I would name the following profiles as being the most active/important… ones in descending order:
Followed with some gap by:
· Hierarchical Resource
· Multiple Decision
Another thought on XACML Profiles: Quite some time ago I read Hal's paper on the relation of OAuth2 and XACML. Do you know of people using XACML within an OAuth ecosystem? Did the TC ever discuss if an OAuth2 profile of XACML (or vice versa) makes sense? Here at Siemens, OAuth-based IAM solutions are rapidly spreading, and some guidance on how fine-grained authorization with XACML can be married with token-based authentication à la OAuth might help to solve use cases and also help XACML’s popularity/usage in practice.
CT RDA ITS SEA-DE
81739 Muenchen, Germany
Hal-- I think your message below is what you mentioned in last call's discussion of which profiles we might want to submit for the IDESG Standards Registry.
I'll put together a draft IDESG Nomination form bundling these together (but separately from the core v3 spec draft nomination I posted.)
Recall that (at least according to Jamie, who is very familiar with the IDESG processes) OASIS Committee Specs should be eligible for the IDESG Standards Registry. But of course it can't hurt to have a Profile on track to OASIS Standard.
And I do agree that it would be good to affirm implementations for JSON and REST (and SAML..?) One of the IDESG eval points is "interoperability" and being able to say XACML works with JSON and REST would be a talking point on that issue.
So, are you thinking we should include all the Profiles below in the nomination form for IDESG? If not, can anyone suggest a "most relevant/important/active" subset?
Additional Combining Algs.
Also another request for help. Given the available space on the Nomination Form and the limited review bandwidth available to the IDESG SCC, it would be GREAT to have 1-line bullets expressing the relevance/importance/target-use-case of each of the Profiles we include. (I can try to extract this myself from the Profile introductions, but I expect the authors of each Profile could summarize theirs better.)
On Thu, May 26, 2016 at 10:41 AM, Hal Lockhart <firstname.lastname@example.org> wrote:
The following documents have reached OASIS Standard.
The TC does not plan to progress the following document past Committee Specification at the current time.
Administration & Delegation
The following documents have reached CS, but not yet received any Statements of Use.
I found SoU's against the following documents.
Hierarchical Resource: Axiomatics
Multiple Decision: Axiomatics
REST: Axiomatics, EMC
Additional Combining Algs.: Axiomatics, EMC
Does anyone have any corrections or additions to the above?
Can we get some more SOU’s for REST & JSON? I believe these are the ones that people want to use. (Or are using.)