OASIS eXtensible Access Control Markup Language (XACML) TC

  • 1.  Minutes 27 August 2009 TC Meeting

    Posted 08-27-2009 15:14
    Time: 10:00 am EDT
    
    1. Roll Call
        Hal Lockhart (Chair)
        Bill Parducci (Co-Chair, minutes)
        Erik Rissanen
        Paul Tyson
        Rich Levinson
        Seth Proctor
        John Tolbert
        Duane DeCouteau
        David Staggs
    
      Voting Members 9 of 10
    
      Non-Voting
        Gareth Richards
        Vernon Murdoch
    
    2. Administrivia
        Meeting started late due to issues with the new phone number.
    
        Vote to approve Minutes from 13 August 2009 TC Meeting
        APPROVED unanimously
    
        XSPA Attestations
        VA, Jericho Systems, Sun and Redhat have notified the TC that
        they are successfully using XSPA.
    
        Duane moved that the TC certify that the XML fragments within the
        XSPA are well formed and correct and that the document doesn't
        contain and substantial changes. Bill seconded.
        VOTE: passed unanimously
    
        Duane will update the name of the XSPA document to include
        "Committee Specification" and present to the Chairs at which point
        the Chairs will request the Admin to call a Vote to approve.
    
        ODF Document Controls Profile uploaded
        John noted that this version incorporates changes made per Erik's
        suggestions re: proper formatting.
    
    3. Issues
        Attribute Manifest File
        Hal reviewed AMF, describing its mechanism for communicating
        metadata about information via attributes (which may be used in
        making access control policy decisions).
    
        Paul suggested that RDF be considered for making the solution more
        flexible and as an efficient tie into an Enterprise Ontology
        solution.
    
        Seth asked what the primary Use Cases are. Hal offered that it
        primarily tries to address how to handle missing attributes.
    
        Paul offered that this type of information needs to be persisted
        somehow and that this represents an attempt to do so in a standard
        manner.
    
        Hal asked if Paul could provide non-proprietary examples that may
        be used for consideration in exploring RDF.
    
        Paul will submit appropriate examples on the wiki as available.
    
        Hal noted that the format of the currently posted document will
        be modified to conform more closely to the Oasis standard.
    
    4. Outstanding Issues
    
        AttributeAssignmentExpression
        http://lists.oasis-open.org/archives/xacml/200908/msg00013.html
    
        Core Conformance
        http://lists.oasis-open.org/archives/xacml/200907/msg00022.html
    
        XACML Future Work
        http://lists.oasis-open.org/archives/xacml/200907/msg00026.html
        http://lists.oasis-open.org/archives/xacml/200907/msg00027.html
    
        Comments on XACML v3 (Aggregated by Erik)
        http://lists.oasis-open.org/archives/xacml/200908/msg00014.html
    
    
    meeting adjourned.
    


  • 2.  RE: [xacml] Minutes 27 August 2009 TC Meeting

    Posted 08-31-2009 04:37
    Hi Bill
    
    The procedures in the OASIS TC guide requires a vote (certification) on
    the XML fragments, a statement that no substantive changes have been
    made, and the agreement to create an electronic vote to send the CS to
    the membership ballot as a full standard.
    
    Therefore the section below in your proposed minutes:
    
        Duane will update the name of the XSPA document to include
        "Committee Specification" and present to the Chairs at which point
        the Chairs will request the Admin to call a Vote to approve.
    
    will not meet Mary's requirements, as taken from the OASIS policy.
    Duane said that both votes occurred (I was late), so if that's correct,
    could you rephrase this section (placed after the XML certification) to
    be:
    
        Duane asked to advance the "Committee Specification" to a full 
        membership vote as an OASIS standard.  As required by OASIS policy, 
        Duane moved to request the TC Admin to create an electronic vote 
        in order for the TC to approve the creation of a full membership
    vote.  
        VOTE: passed unanimously
    
        Duane will update the name of the XSPA document as required, collect
    
        all additional information, and present to the Chairs at which point
    
        the Chairs will request the Admin to create an electronic vote for
    the 
        TC to approve the CS be sent to the full membership.
    
    Thanks, I have to include a link to the minutes with the proper wording
    in our materials to Mary before she will kick off the electronic vote.
    
    Regards,
    David
    David Staggs, JD, CISSP (SAIC)
    Veterans Health Administration
    Chief Health Informatics Office
    Emerging Health Technologies