OGSA AuthZ WG Meeting, June 8, 2004 

Von opens meeting 8:02 am

Intellectual Property Policy
Agenda
 - Attribute document update
 - AuthZ Service Interface Update
 - Group Charter
 - Future plans


Mary presents update on Attribute document 
- Changes since GGF 10, added X.509 profile and comments from Frank Siebenlist
- discussion of OIDs for X.509 profile
   - Markus will add OID structure proposed by David/Vincenzo for 

- discussion of Frank's comments, 
   - identity just another type of attribute
     -> we will not define an identity attribute, but 
     identity attribute may become more important and more widely used
     Frank will propose changes to introductory text
     along the lines of "Entities are described by attributes"

   - discuss resource attribute
     -> attributes can be used universal also by resources, e.g.
        clearance level of the resource, membership in group of resources
         
   
   - discussion of privilege attribute
     Von:  looser coupling between privilege attribute  issuer and consumer
           than authZ decision     
           makes priv. attribute 
     priv. attribute created before action 
     authZ. decision created based on action

     -> discuss in "focus group meeting"

AuthZ Interface Document (Von)

  Implementations in PERMIS, DCMS, GT 3.3
  Changes to document since January came out of implementation experiences
  

Charter Reduction (Von)
  No substantial work on policy side, propose to remove this from charter
  (e-mail May 12th)

Frank provides XACML update:
  Design for delegation of rights in XACML is being codified

Von: What do you think about XrML?
Frank: Language is very rich and fit requirements, but it is unclear how
       one could deal with intellectual property issues
       For the future: go ahead with XACML, but keep in mind that XrML will
       be on every single microsoft machine
  
Von: Brief talk about requirements document, need to be reviewed if it is 
still accurate and applicable

Von: Timeline, a little bit behind anticipated timeline, but OK. Plan is
to submit documents before next GGF.

Mary: Would propose to finish documents in the next 2-3 weeks and put them 
out for last call. 

Von: Yes for SAML document, Attributes document pending issues to be resolved

Von: Should we do an XACML Workshop to capture the experiences the community
has?