XACML Conference Call
Date: Thursday, December
13, 2001
Time: 10:00 AM EST
Tel: 512-225-3050 Access Code: 65998
Minutes of Meeting
Summary
We reviewed the action items from last week and then discussed the
progress being made in the policy model subcommittee. A lot of issues are being
discussed but there has not been a clear tracking of issues and their
resolution which is hampering progress. The subcommittee is also putting
together use/test cases for the policy model. It is more likely the policy model
will not be complete until the end of January. We agreed upon having the next
Face to Face at the LAX Hilton on 1/23-1/24. The next conference call will not
be until January 10th because of the holidays.
Action Items
1. Hal
agreed to ask Karl best to issue a call for intellectual property claims to the
oasis membership list.
2. Bill
and Gil agreed to collaborate on exploring this subject (DSLM and ldap
profile), and reporting back to the technical committee.
3. Submit
Policy Model Test Cases to list by Friday for discussion at Monday’s Policy
Model Subcommittee meeting.
4. Carlisle
will contact Pierangela and ask her to clarify and publish open issues along
with their champion.
5. Ken
will incorporate the issues from the Policy Model subcommittee into the general
issues document and publish regularly to website
6. Carlisle
to update his statement on successfully using XACML to include the
clarification and repost to the list and website.
7. Begin
flagging issues for Security and Privacy Considerations (Joe?)
8. Bill
to send reservation information to Carlisle and Carlisle to post announcement
of F2F to list.
Votes
- Voted to
accept the minutes of the 11/29/01 meeting
- Voted to hold
the next F2F at the LAX Hilton in Los Angeles on 1/23 and 1/24
Raw Minutes (taken by Ken Yagen)
Proposed Agenda:
10:00-10:10 Roll Call and Agenda Review
10:10-10:15 Vote to accept minutes of November 29 meeting
http://lists.oasis-open.org/archives/xacml/200112/msg00021.html
10:15-10:25 Review of Action Items (see 11/29 minutes)
10:25-10:35 Report of Policy Model Sub-Committee
10:35-10:50 Discussion of Overall Status and Schedule
(including open/closed items on current issues list, as well as IP, Security and Privacy
Considerations, and Conformance / Test Cases subcommittees)
10:50-11:55 Discussion of Proposal for "Successfully Using the
XACML Specification"
10:55-11:00 Discussion of Proposal for next face-to-face meeting
10:05 Attendance
Voting Members
Simon Godik, Crosslogix
Ken Yagen, Crosslogix
Hal Lockhart, Entegrity
Carlisle Adams, Entrust
Tim Moses, Entrust
Don Flinn, Hitachi
Jason Rouault, HP
Michiharu Kudoh, IBM
Christopher McLaren, Netegrity
Bill Parducci, Self
Prospective Members
Sekhar Vajjhala, Sun Microsystems
Anne Anderson, Sun Microsystems
7:09 approve minutes
7:10 action items
Hal to talk to Karl best – will do so. Have not done yet
Bill converted pierangela’s document to pdf
Will discuss f2f location later
Will discuss carlisle’s definition later
Bill has not been able to reach gil to discuss dsml and ldap. Hal to
send him Gil’s email
7:12 status report of policy model meeting
Simon – discussed the proposal to submit use cases from which we’ll try
to develop example schemas. Discussed issue of how to merge policies. Discussed
potential use cases like java security use case
Carlisle – are we making progress towards schedule. Are there major
issues?
Hal – were a number of people on call for first time. Think still at
stage of sorting out basic concepts.
Ken – are use cases different from what we developed before?
Tim – prefer to use the term test cases
Carlisle – more explicit and turn them into actual test cases in actual
syntax. Use to determine what syntax is most appropriate
Bill – test cases or model candidates
Carlisle – will accompany the model and when pick syntax for model,
these will become conformance test cases.
Tim submitted role hierarchy, simon submitted some stuff in tim’s
appendix and sekhar and anne were to do java applets and pulling policies from
different locations and how they will be composed and merged.
Simon – might submit unix file system semantics test case
Michaharu – xml document test case
Hal – bill submitted email filtering with implied semantics
7:25 overall schedule
Draft policy model by december 14
Hal – have a working glossary that will continue to evolve
Carlisle – sounding like end of january?
Tim – think realistic at the earliest
Carlisle – probably puts march 1st deadline in jeaporady.
Tim – in my mind i don’t have a clear roadmap from here to submission.
What milestones are there and are we making progress
Carlisle – thought they would show up in proposed table of contents
Tim – have not carved up into tasks that we understand the sense of and
know people are working on.
Sekhar – got a sense of the same. Pm subcommittee issues are being
brought to the table but are left open and not being discussed.
Pierangela is not circulating issues list to the committee
Ken – work with pierangela to better identify issues in pm
Message from
Simon – propose ask pierangela to be more explicit and publish this
list
Ken – maintain overall list and pierangela feed issues to me and i
publish to whole tc.
Simon – subcommittee leader must maintain their own list.
Hal- reluctance to write down issues because people don’t understand
them well enough yet.
Tim – no champion that wants to defend something with specific concrete
examples. In saml – every issue must have a champion and a clear proposal for a
solution. But saml is at a late
stage right now.
Carlisle – action to myself to contact pierangela and ask her to be
more specific and issues with champion and known solution. Publish to subc and
get to ken and ken to publish regularly to tc list and website.
Tim – perhaps it should form the basis of the policy model subc agenda.
7:42 – security and privacy considerations
Carlisle – joe was to chair committee but no activity
Hal – not a problem at this point. Biggest issue is various
implications of negative statements, the various flavors and implications of
those.
Ken – flag those in the issues list
Carlisle – some environments policy will need to be authenticated,
confidentiality issues, etc. Joe should flag those
Tim – should i paste in the raw issues into 0.8?
Hal – suggest keep it separate. Once document at 75% will want a list
of document issues – what is needed to finish it. Suggest putting in tentative
subheadings
7:47 carlisle’s proposed text
Carlisle – one question raised which was answered.
Hal – suggest incorporate the clarification
Carlisle – will revise it to include clarification and have it posted
to the website.
Hal – suggest add paragraph that implementations that may have internal
represenations that are proprietary and xacml is an exchange format
7:49 f2f meeting
Carlisle – bill proposal 1/23,1/24 at la hilton at lax airport. Several
said location and time were fine.
Hal – motion we agree to have the f2f at that location and time
Voted and accepted.
Bill – post information to list on how to make reservations.
Hal – please post a separate message to alert people
Bill will send information to carlisle and he will post it.
7:53 when is the appropriate time for
next call
Ken – suggest pm subc move meeting 1st week of jan to the 3rd (thurs)
Carlisle – next meeting will be on jan 10th
7:56 adjourn