OASIS eXtensible Access Control Markup Language (XACML) TC

[xacml] Minutes from 18 November TC Meeting - UPDATED

    Posted 11-20-2010 14:54
    I. Roll Call
     Voting Members
      Hal Lockhart (Chair)
      Bill Parducci (Co-Chair, minutes)
      Erik Rissanen
      Paul Tyson
      Gareth Richards
      Rich Levinson
      John Tolbert
      David Staggs
    
    Members
      Duane DeCouteau
      Franz-Stefan Preiss
      Gregory Neven
    | Jan Herrmann
    
    Quorum met: (66% per Kavi) 
    
    II. Administrivia
     Approve Minutes:
      4 November 2010 TC Meeting:
      http://lists.oasis-open.org/archives/xacml/201011/msg00007.html
     APPROVED unanimously
    
    III. Issues
     Primelife proposal Next Steps
      Hal suggested that it would be very difficult to create a convention
      that would address attributes which would represent predicates.
      Gregory asked if possibly URI prefixes might denote these attributes.
    
      Gregory offered that a possible update to the SAML/XACML Profile
      mapping between predicates and local attributes
    
      Rich agreed that a Profile is the way to address this given the
      initial discussions, but that much more information is needed.
    
      Hal suggested that the Profile may possibly be aimed at the Context
      Handler. 
    
      Paul offered that whatever solution the TC comes up with be a long
      range solution.
    
      Gregory suggested that the "complex solution" be pursued whereby the
      Context Handler is predicate aware and can perform ancillary
      processing and match "qualified" with "certified" condition derived
      results. 
    
      Hal suggested that it may be very difficult to achieve since it is
      effectively Policy matching (heretofore intentionally avoided by the TC
      due to complexity). Of the 3 scenarios presented by Gregory in his
      first presentation, the first appears to be directly addressable, as
      does the second (possibly using a Convention by using an
      annotation). The third case may be too complex.
    
      Paul suggested that we should explore the more complex cases before
      dismissing them and offered to explore the topic.
    
      Gregory volunteered to post a note to the list to initiate
      conversation online.  
    
     PIP directive (carried over from previous meeting)
      David was not on the call so this issue has been postponed. The TC is
      encouraged to pick this topic up on the 
    
     content-selector attribute
      Jan noticed that this was used in an example in the core specification
    | but the definition was defined in the Hierarchical Resource Profile. The
      general consensus is that this doesn't require an errata at this time.
    
    WSDL for v3.0
    | Jan suggested that there are some issues that make creating a v3
    | WSDL difficult and may be able to explore this at a later.
    
    meeting adjourned