XACML TC Meeting - 20 March 2003 10am
Present:
Anne Anderson - minute taker
Carlisle Adams
Tony Nadalin - prospective
Michiharu Kudo
Ken Yagen
Tim Moses
Simon Godik
Maryann Hondo - prospective?
Hal Lockhart
Quorum present.
1. Previous minutes
Approved 2nd Draft Minutes from 6 March 2003 TC meeting
From: Anne Anderson
Date: Thu, 06 Mar 2003 14:36:22 -0500
Subject: [xacml] 2nd Draft Minutes of 6 March 2003 TC Meeting
2. Status of XACML 1.1 possible work items
Concrete problem statements due by 3 April 2003.
a) Fully specify hierarchical resources [Simon lead; Satoshi,
Michiharu]
DONE.
From: Anne Anderson <Anne.Anderson@Sun.COM>
Date: Tue, 11 Mar 2003 13:27:42 -0500
To: XACML TC <xacml@lists.oasis-open.org>
Subject: [xacml] Problem Statement for "Fully specify hierarchical resources"
b) Define new combining algorithms for deterministic
Obligations. [Michiharu lead?]
NOT DONE.
c) ebXML: Allow references to Rules (as we now allow for
policies and policy sets) [Anne]
DONE.
From: Anne Anderson <Anne.Anderson@sun.com>
Date: Thu, 20 Mar 2003 09:39:37 -0500
To: XACML TC <xacml@lists.oasis-open.org>
Subject: [xacml] Concrete problem statement for references to rules
d) Incorporate fixes for errata
ACTION ITEM: Simon Godik.
e) Condition reference: From the policy, a specific condition
expression is referred to by using condition ID that is
defined in the condition definition block. [Michiharu]
DONE.
From: "Michiharu Kudoh" <KUDO@jp.ibm.com>
Date: Thu, 20 Mar 2003 20:21:59 +0900
To: XACML TC <xacml@lists.oasis-open.org>
Subject: [xacml] Problem Statement for "Condition Reference"
f) Properties for new combining algorithms [Michiharu]
DONE.
From: "Michiharu Kudoh" <KUDO@jp.ibm.com>
Date: Thu, 20 Mar 2003 20:06:14 +0900
To: XACML TC <xacml@lists.oasis-open.org>
Subject: [xacml] Problem Statement for "Properties for new combining algorithms"
g) Obligations in rule element [Michiharu] DONE
DONE: http://lists.oasis-open.org/archives/xacml/200303/msg00006.html
h) Define any elements needed in the XACML schemas for use by
a Digital Signature envelope for XACML [Anne; proposals
invited]
NONE NEEDED. Item closed unless proposal submitted.
i) Add an ID Attribute so can reference elements easily for
use with Digital Signatures.
ACTION ITEM: Simon
3. Status of XACML 2.0 items
4. XACML Extensions
a) Web Services Policy Language (WSPL) [Anne lead; Tim,
Simon, Maryann, Tony]
Use cases, requirements posted:
From: Tim Moses <tim.moses@entrust.com>
Date: Fri, 07 Mar 2003 11:46:27 -0500
To: "'XACML'" <xacml@lists.oasis-open.org>
Subject: [xacml] WSPL use-cases
Anne posted a proposal:
From: Anne Anderson <Anne.Anderson@sun.com>
Date: Thu, 20 Mar 2003 09:21:17 -0500
To: XACML TC <xacml@lists.oasis-open.org>
Subject: [xacml] Evaluating XACML as a Policy Language - Draft 2.0
Tim to post a proposal today
Tony, Maryann will submit alternate proposals
b) Information about how/where to obtain policies and
attributes; how to authenticate them (e.g. trust anchors)
[Anne]
STATUS: Probably not to be submitted until WSPL work is
done.
7. XACML for privacy policies (exploration of whether and how
XACML can be used to express privacy policies) [Carlisle lead;
Bill, Simon, Michiharu]
STATUS: Carlisle has done some thinking about this; hopes
to write up in next few weeks. Simon may also post
something, but will definitely participate in discussion.
IBM Zurich has done some work in this area: EPAL; Tony will
send URL to mailing list. W3C is starting up privacy work
with web services: P3P.
2f) Define a set of domain-specific identifiers (action,
combining algorithm etc.) that are used in well-known
domains e.g. UNIX ACL, Windows, database ... [Michiharu]
STATUS: Michiharu will start posting around April or May.
4. WSPL Sub-committee
Tentative plan to hold WSPL subcommittee meetings on Mondays
from 10-11am, starting 31 March 2003. To be confirmed on the
mailing list (some members may not be available; depends on
additional proposals to mailing list that need voice-to-voice
discussion).
Try to put "WSPL" in the Subject line for WSPL topics on
mailing list.
5. Conformance Test Suite
STATUS: several updates posted. Most recent:
From: Anne Anderson <Anne.Anderson@Sun.COM>
Date: Tue, 11 Mar 2003 14:17:17 -0500
To: XACML TC <xacml@lists.oasis-open.org>,
XACML COMMENT <xacml-comment@lists.oasis-open.org>
Subject: [xacml-comment] Updated XACML Conformance Test Suite
New tests submitted by Satoshi Hada not yet incorporated, but
will be soon. Possibility of Satoshi taking over maintenance
of the Test Suite: Michiharu and Satoshi will discuss
off-line.
6. Meeting time
Possibility of changing meeting time to be more convenient for
Japan. 10am EST is midnight Japan time. Daylight Saving Time
will start 1st Sunday of April in US and last Sunday in March
in EU. Michiharu prefers 11pm to 7am Japan time. Gerald is
only European member currently. Carlisle will post some
options to mailing list.
7. Primer: Brief Introduction to XACML
Sun has contributed document to XACML:
From: Anne Anderson <Anne.Anderson@sun.com>
Date: Fri, 14 Mar 2003 12:36:02 -0500
To: XACML TC <xacml@lists.oasis-open.org>
Subject: [xacml] Contribution: A Brief Introduction to XACML
Hal says almost no overlap with the document he is composing.
9. Implementer's Guide
Hal posted a Word version of the Implementer's Guide:
From: Hal Lockhart <hlockhar@bea.com>
Date: Wed, 12 Mar 2003 11:59:25 -0500
To: xacml@lists.oasis-open.org
Subject: [xacml] Initial Implementer's Guide
One comment has come in on mis-interpretation of one of the
combining algorithms and meaning of "singleton bag":
From: Satoshi Hada <SATOSHIH@jp.ibm.com>
Date: Thu, 13 Mar 2003 10:57:41 +0900
To: xacml@lists.oasis-open.org
Subject: Re: [xacml] Initial Implementer's Guide
10. XACML XML DSig Profile
Updated version posted:
From: Anne Anderson <Anne.Anderson@Sun.COM>
Date: Thu, 20 Mar 2003 09:30:09 -0500
To: XACML TC <xacml@lists.oasis-open.org>
Subject: [xacml] XACML XML DSig Profile 0.2
11. Input to SAML 2.0
Revised document posted:
From: Anne Anderson <Anne.Anderson@sun.com>
Date: Thu, 20 Mar 2003 09:11:34 -0500
To: XACML TC <xacml@lists.oasis-open.org>
Subject: [xacml] SAML Profile draft
Schedule vote on submitting to SAML for next TC meeting. Post
comments in the next week, so we can update proposal prior to
vote if necessary.
12. Simon Godik's e-mail to list being rejected.
Current address is: simon.godik@overxeer.com
Hal will fix this on the xacml list.
13. Upcoming meetings
17 Mar 2003, 10-11am EST: XACML Focus Group
31 Mar 2003, 10-11am EST: XACML WSPL SC (tentative)
3 Apr 2003, 10-11am EDT: XACML TC
Adjourned at 10:48am.