I Roll Call & Minutes
Attendees
Hal Lockhart (Co-chair)
Bill Parducci (Co-chair, minutes)
Anthony Nadalin
Abbie Barbir
Erik Rissanen
Anne Anderson
Seth Proctor
David Staggs
Kamalendu Biswas
Argyn Kuketayev
Rich Levinson
Quorum was achieved (84% per Kavi)
VOTE: Unanimous APPROVAL of revised minutes from 4 January 2007
II Administrivia
F2F
Tentative date was chosen as March 13th-14th
TC will propose potential locations to the list
Bill will generate a new ballot based upon proposed locations
Anne has posted the References document to the site.
Anne has linked an updated XACML References and Products
document to the TC Web Page.
III Issues
Issue #34
Erik raised "import circularity" issues introduced in v3 as a
result of Policy Issuer being required for the Policy Schema.
The TC
discussed how best to deal with this. The general consensus of
the TC that the Context and Policy Schemas be merged.
Issue #5: Policies included in a decision request
Anne will repost her proposal on the list in response to
discussion on the list.
Anne proposed semantics for policies that are provided by a PEP
as part of an authorization decision request. The version in
http://lists.oasis-open.org/archives/xacml/200701/msg00013.html
was generally approved, with three changes: 1) these policies
will be part of the SAML XACMLAuthzDecisionQuery, not part of
the core Request Context, 2) Change "MAY" to "MUST" in: "the
policies MAY be used by the PDP for evaluation of the current
authorization decision request only", 3) make it clear that the
combining algorithm by which these policies are combined with
other applicable policies is the one in the "top level/root
policy" used by the PDP, and not some new combining algorithm.
Anne will redraft this for inclusion in the next release of the
2.1 version of the XACML SAML Profile.
Issue #35: Attribute timing
The issue concerns a PDP that wants to advertise whether it uses
Attribute values as of the time of policy evaluation vs.
Attribute values as of the time the policy was issued. Anne's
proposal is that these options be included in the mechanism
proposed in Issue #36: PDP metadata; in fact, attribute timing
is already listed in that issue as a potential metadata element.
The TC approved this approach to advertising attribute timing,
so Issue #35 is CLOSED.
Issue - New
Erik reviewed an earlier discussion on Administrative Policy
reduction and will post and outline of the Issue and a proposed
solution to the list.
meeting adjourned.