Title: XACML Conference Call Minutes XACML Conference Call Date: Thursday, August 8, 2002 Time: 10:00 AM EDT Tel: 512-225-3050 Access Code: 65998 Summary Long list of action items exists from the F2F and those past due were reviewed. Because of some missing participants, some could not be closed out. There was also a discussion on how to handle schema changes going forward. There is general concern about modifying the schema while implementers are trying to implement. Any changes will require approval of TC. Also reviewed issues list and resolve some old issues; however there are many more to be covered next week and active review of the issues before then by the committee members will help the process immensely. Action Items See
http://lists.oasis-open.org/archives/xacml/200208/msg00004.html for current list of open action items from F2F. Vote to accept minutes of F2F 7/30-8/1 Anne to submit simple example in English Simon to update current examples to comply with schema Simon to email proposed schema fix for AttributeIssuer Ken to post issues list 09 to reflect resolutions from this meeting All , please review open issues and provide resolutions to Ken and be prepared to discuss and close them on next week's call. Votes No votes were taken. Proposed Agenda: 10:00-10:05 Roll Call and Agenda Review 10:05-10:10 Vote to accept minutes of July 30 - Aug.1 face-to-face meeting
http://lists.oasis-open.org/archives/xacml/200208/msg00004.html 10:10-10:20 Review of Action Items (see 7/30 - 8/1 minutes) 10:20-10:30 Review of F2F results (Tim, Simon) 10:30 - 10:55 Review of Issues list (Ken) 10:55-11:00 Any other business Roll Call Ken Yagen , Crosslogix Hal Lockhart, Entegrity Carlisle Adams , Entrust Tim Moses, Entrust Michiharu Kudoh, IBM Simon Godik , Self Polar Humenn , Self Raw Minutes (taken by Polar Humenn ) Discussion on Quorum. Shankar is no longer. Shiresh on leave of absence. We may not have quorum. Hal: The only voting item we have is voting on the minutes of the F2F. We can wait a week. Carlise : Put off accepting the minutes until the next meeting. Actions items. Many people are not on the call. August 1 and August 2 action items have not been met. 10:11 : Simon just joined Simon's action items from the F2F are still in progress. Simon asked if we would have different examples. Someone, possibly Anne, was supposed to submit a simple example in English. Simon will update the current examples to handle the current version of the schema. Michiharu: Question on action item: [Hal, 14 Aug 2002 ] Find out proper value for XPathVersion : i.e. is there a URN? Currently using
http://www.w3.org/TR/1999/REC-xpath-19991116 Hal: We need to choose an distinguished identifer . Have you got one? Michiharu: The current URL
http://www.xpath ..... is used to identify XPATH 1.0. Hal: In SAML we used a scheme adopted by the IETF. We should find a urn that isn't really deferencable . It should just be an identifer . Michiharu will come up with an identifier, but for the mean time or default we use the identifier we have above. Carlise : Calling for Summary of F2F Tim: 16e is our final release schema. Cleared up a lot of issues. 1 issue brought up by anne . On the con call on Monday, we decided that we do not really need to change the schema. Any further changes to the schema should require acceptance of the TC, not the schema sub committee. No new ideas. We need approval of the full TC, even for bug fixes. Simon: Already one fix: The AttributeIssuer is currently an URI, and I think it should be a string. This is because the issuer is usually a DN, not a uri . SAML has the issuer is a string. Carlise : calls for objections? Tim: Should we be modifing the schema on the fly? We should consider a change order. Hal: We should encourage implementers. Dilemna . Simon will send email (proposed schema fix). Hal: We publish on the list that we are going to make the change. Tim: We can curculate 16f, 16g, etc. on the list, but not publish it on the web site. Michiharu: On the web site we only have 15. Carlise : The next verision of the document will be 16. Michiharu: We need to clear up the semantics on the SubjectAttributeDesignators . Carlise : Lets spend a couple of minutes on this issue. Michaharu : Not clear on Subject Attribute Designator element. mail from Anne: Attribute Designatore Examples Aug 1. He doesn't know what this means. Simon: We discussed this issue on Monday. Simeon explained it. Michiharu is still confused and will email to the list. Carlise : Go over the issues list. PM-1-04: Voted on in February. Carlise : We have 2 ways to represent attributes, using XPATH, or our own AttributeDesignators . Use XPATH if you need to refer to attributes in a resource. CLOSED. PM-1-06: N-Of with zero elements shall result to TRUE. CLOSED PM-1-08: Syntax of XACML Applicable policy. What is in the schema? Tim says its a URI. Do we need to reference the Authority? Carlise : We can live with not referencing the policy authority in version 1.0. Change the resolution so that it is just a URI for the policy or policy set. CLOSED. PM-2-02: Target Specification We have ResourceAttributeDesignator . We have all rules spelled out for target and condition. It is all resolved in schema, attribute desinators and rules for evaluation target and condition CLOSED. PM-2-04: Indexing policies Decided to defer LDAP profile to post 1.0. No longer an issue for 1.0. DEFERED. PM-2-07: ValueRef type. We are not importing SAML. CLOSED. PM-3-02: Specifying Policy Outcome. We have 4 values, Permit, Deny, Indeterminate, NotApplicable . We say nothing about what the PEP does. CLOSED. Polar: It's 11:00 . Carlise : When to have the next TC meeting. 1 week or 2 weeks? Polar: Motion for next week. Ken: I would like time to get through the issues. Carlise : Okay, next meeting on the 15th. Ken will post a new issues list. Carlise : Action Item to everybody to take a quick look at the issues list and send resolutions to Ken to help speed the process. Motion to adjuourn .