OASIS eXtensible Access Control Markup Language (XACML) TC

RE: [xacml] Draft minutes (take 2)

  • 1.  RE: [xacml] Draft minutes (take 2)

    Posted 10-06-2003 18:39
     MHonArc v2.5.0b2 -->
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    

    xacml message

    [Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


    Subject: RE: [xacml] Draft minutes (take 2)


    Draft minutes
    Committee: XACML
    Date: 2 Oct 2003
    
    Present:
    Daniel Engovatov
    Michiharu Kudo
    Polar Humenn
    Tim Moses
    Rebekah Lepro
    Tony Nadalin
    Seth Proctor
    Anne Anderson
    Frank Siebenlist
    Jamie Clark
    
    Chair:
    Anne Anderson for Hal Lockhart and Bill Parducci
    
    1.	The meeting came to order at 11:00am Eastern.
    
    2. Rebekah introduced herself.  She has been following the XACML activity
    for some time, and recently decided to get actively involved.  Her interests
    include distributed authorization in a GRID architecture.
    
    3. The agenda was reviewed and agreed.
    
    4. WSPL vote
    
    The question of whether or not WSPL is within the scope of the XACML TC
    charter is open.  Jamie explained how OASIS deals with such issues.  The
    OASIS staff strongly encourages TCs to sort these issues out for themselves.
    This can be achieved by a simple majority vote.  Anyone who disagrees with
    the outcome can appeal to TC admin (Karl and Jamie).  Jamie listed three
    possible avenues:
    
    a.	Approve the specification and see if anyone objects;
    b.	Don't approve the specification and have someone raise the issue
    with staff; and
    c.	Modify the specification such that it is incontrovertibly in-scope.
    
    A motion was put to the meeting:
    The XACML TC asserts that the current draft of the Web-services profile
    specification, modified to apply only to access-control, authorization and
    entitlements, is within the scope of the XACML TC charter.
    
    For: 6
    Against: 2
    Carried.
    
    Tony raised the point that, with this new limitation on the applicability of
    the specification, the opportunity for different aspects of policy to be
    solved in different ways exists, and that this was not desirable.  This was
    generally agreed.  It was felt that a new TC should be chartered to come up
    with a common scheme for all aspects of policy in the Web-services
    architecture.
    
    Tim offered to organize the first charter discussion, and anyone interested
    in participating should let Tim know his or her availability over the next
    week.
    Tony, Anne and Frank offered to participate.
    
    Tony said that WSPL bears some similarity to a document presented to the WSS
    TC and that the contributors of that document made no explicit statement
    concerning IP.  Tim pointed out that the document in question had been
    prepared under OASIS IP rules.
    
    Frank made a suggestion to split the document into two parts: one to specify
    an algorithm for combining instances of XACML and the other to address ways
    of associating policy instances with interfaces.  It was agreed to consider
    this proposal at the upcoming face-to-face meeting, at which time we would
    have available the revised specification and the results of initial charter
    discussions.
    
    5. v2 work items
    
    Anne went through the list of proposed work items for XACML v2.
     1. Grid requirements.
     2. Location information (Anne and Daniel will submit proposals
        for discussion at the face-to-face).
     3. Multiple actions per request.
     4. Multiple resources per request.
     5. Privacy requirements (no champion).
     6. Domain-specific identifiers.
     7. Condition reference (for discussion at the face-to-face).
     8. RuleId reference (for discussion at the face-to-face).
     9. Hierarchical entities (for discussion at the face-to-face).
    10. Parameters for combining algorithms (for discussion at the
        face-to-face).
    11. Extension points (awaiting a proposal from Simon).
    12. Including Environment in target (for discussion at the face-to-face).
    13. Making the target element optional.
    14. Requirements for signature enveloping.
    15. Requirements for encryption.
    16. XACML Policy in SAML Response Conditions
    
        Candidate for closure, since the discussion at the SAML F2F
        determined that the use case requirements could be satisfied
        without it.
    
    17. XACML policy in SAML response condition.
    
        Candidate for closure, since the discussion at the SAML F2F
        determined that the use case requirements could be satisfied
        without it.
    
    18. Obligations in rules. (possible discussion at face-to-face)
    19. Rule as lowest administrative unit (for discussion at the
        face-to-face)
    20. Non-normative implementation guidelines.
    21. Primer.
    22. Time-in-range function (Seth has provided a proposal for
        discussion at the face-to-face).
    23. Xquery comparison functions (a proposal has been made for
        discussion at the face-to-face).
    24. Schema for function definitions (Daniel will submit a
        proposal for possible discussion at the face-to-face).
    25. Function for comparing file system pathnames.
    Remaining work items still to be reviewed
    
    6. Next meeting
    
    The focus group will meet on 9th Oct to continue considering the v2 work
    items.
    There was discussion about canceling the TC meeting on the 16th.  But, it
    was agreed to use the meeting to refine the agenda for the face-to-face.
    
    7. The meeting adjourned at 12:00 noon.
    


    [Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]