OASIS eXtensible Access Control Markup Language (XACML) TC

Minutes 9 January 2014 TC Meeting

  • 1.  Minutes 9 January 2014 TC Meeting

    Posted 01-10-2014 02:01
    Minutes for 9 January TC meeting I. Roll Call & Approve Minutes Voting Members: Crystal Hayes Richard Hill Mohammad Jafari Rich Levinson Hal Lockhart (chair) Bill Parducci (chair) Remon Sinnema John Tolbert Members: Erik Rissanen Quorum Achieved - 88% (per Oasis) Yes. Minutes 12 December 2013 TC Meeting APPROVED unanimously II. Adminstrivia Request / Response Interface based on JSON and HTTP for XACML 3.0 V1.0 Some errors were identified on the xacml-dev list which David Brossard acknowledged on this list. Erik will follow up with Erik on next steps. XACMLv3 Combining Algorithm Profile - Approve a Committee Specification Draft for Public Review Remon: I move that the TC approve "XACML v3.0 Multiple Decision Profile Version 1.0, Working Draft 11, 20 December 2013" and all associated artifacts packaged together in https://www.oasis-open.org/committees/download.php/51748/xacml-3.0-combalgs-v1.0-wd06.doc as a Committee Specification Draft and designate the .doc version of the specification as authoritative and to be published to the repository to be made available for Public Review. Richard: Second VOTE: APPROVED UNANIMOUSLY ACTION ITEM: Bill to submit requests to Oasis XACML MAP Authorization Profile Version 1.0 30-day Public Review ends 14 January XACML v3.0 Multiple Decision Profile Version 1.0 WD-11 uploaded Other Profiles being reanimated Hal breifly reviewed some the rule changes since a number of the older profiles worked on. Erik: plans to update these Profiles to use the new version of Oasis templates and resbumit to the TC for consideration. DLP-NAC Profile There was high level discussion on various approaches to defining the Action-id with the general consensus that this could be exanded to address various protocol idiosyncaracies, categroization. John: We have some interesting in "whitelisting" and how that may be explored as a Use Case. Hal: I believe that the codebase subject attributes could be used for this but the it would interesting to explore. meeting adjourned.