OASIS eXtensible Access Control Markup Language (XACML) TC

 View Only

Minutes for 15 August 2024 TC Meeting

  • 1.  Minutes for 15 August 2024 TC Meeting

    Posted 12-04-2024 19:06
    Time: 4:30 PM EDT
    Zoom:
    Zoom Link: http://tinyurl.com/48n4yrzs
    Meeting ID: 850 9753 8468

    Minutes for 18 July 2024 TC Meeting

    I. Roll Call & Minutes
    Voting members
    Hal Lockhart (Co-Chair)
    Bill Parducci (Co-Chair)
    Steven Legg

    Voting Members: 3 of 4 (75% - quorum)

    Approve Minutes for 18 July, 2024 TC meeting
    https://groups.oasis-open.org/discussion/proposed-agenda-18-july-2024-tc-meeting
    Vote: Approved unanimously.

    II. Administrivia
    GitHub “cc” to List update status
    Bill:
    Oasis has a consultant working with them now. I had a conversation with him and he is
    looking into the best solution to resolve this for all Committees.

    Email archive status
    Bill:
    The Oasis consultant will be exploring this once it the github issue has been resolved.
    I noted that I have captured the full XACML archive history and can make it accessible
    in case the


    III. Issues
    Steven:
    Markup v4.0 docs have begun. I have pasted the simple bitmap files for now. Cyril has
    begun exploring various technologies to develop these diagrams semantically.

    Next up will be to dive into replacing the Target framework with conditional mechanics...
    which opens up the conversation of possibly redefining the relationship between Targets,
    Conditions and Rules. My current thinking is that we keep both Target and Condition, both
    have same structure but, Condition can only exist in a Rule and Target only exists in
    a Policy.

    Combining Algorithms have been coalesced into a single structure. The Only One Applicable
    Combining Algorithm has some issues that make it unique (e.g. doesn't apply to Rules)
    and unwieldy. I suggest we remove this from v4.0.

    Sections 5 & 7 assumes XML is the only XACML syntax used for XACML. This creates issues
    if we are going to pursue JSON and/or YAML syntax in version 4.0. Perhaps we can address
    this with generic elements of each syntactic structure. A non-normative examples could
    help demonstrate this. Also, it may make sense to merge these two sections. I will
    explore using an example to create a description using the merged approach.

    Hal:
    I was thinking about the renaming issue for XACML. I prefer we keep the "X"...and maybe
    add a "4".

    Steven:
    If we create a core specification we could name the XML version "XACML v4" and have a
    unique name for other semantic languages.

    Bill:
    I really like that concept.

    Steven:
    This is why I am suggesting "generic semantic terms" in the core specification. This will
    allow us to create a defintion that don't depend on any specific syntactical language.


    meeting adjourned.

    Next meeting: 12 September, 2024