Here is the charter with minor refinements.
Notes:
1. Scope has been expanded - to include an authorization model.
2. Non-goals of XACML are still missing (if any of you want to take a
stab at it, please do)
We can talk about this tomorrow.
----------------------------------------------------------------------------
-----------------
Product of TC
XACML TC will define a core XML schema for representing
entitlement policies, also called XACML
Policy Target
The target of a policy (hereafter referred to as "target") can be any object
that can be referenced in XML.
Protocols and bindings
XACML TC will define new protocols or identify bindings
to existing protocols (e.g., XPath, LDAP) intended as means of accessing and
communicating the policies
Scope
XACML is expected to address fine grained control of
authorized activities, the effect of characteristics of
the access requestor, the authorization protocol over
which the request is made, authorization based on classes
of activities, and content introspection (i.e. authorization
based on both the requestor and potentially attribute
values within the target where the values of
the attributes may not be known to the policy writer).
XACML is also expected to suggest a policy authorization model to guide
implementers of the authorization mechanism.
Extensibility
XACML core schema is extensible for as yet unknown features
Interoperability
XACML TC will define interoperability of XACML core schema
with other standards
Simon Blackwell
Suresh Damodaran
Fred Moses
-----------------------------------------------------www.stercomm.com-------
------------------------------------------------------
Suresh Damodaran, Ph.D. Sterling Commerce, a
SBC Company
Senior Software Architect 750 W. John
Carpenter Freeway
469-524-2676 (O) Irving, TX
75039-2505