Notes from OGSA-Authz Telecon Sep 5, 2003

Attendance:

Marty Humphrey
Mary Thompson
Bob Cowles
Rebekah Lepro
Von Welch
Andrew McNab
Tony Genovese
David Chadwick
Takuya Mori
Bob Morgan
Frank Siebenlist

VW Did a quick review of charter

MT: Are two existing docs meant to fill two docs in charter?

[documents at bottom of http://www.globus.org/ogsa/security/]

VW: Yes, two documents are meant to be starters for requirements and
authz service interface

FS: Significant work going on in OASIS re XACML/SAML merge for SAML 2.0

VW: Where is SAML 2.0?

BM: Probably at least a year away

VW: Suggest building with existing standards (e.g. SAML 1.1, XACML
1.0) and not guess at new specs (e.g. SAML 2.0)

BM: SAML 2.0 will be additions on SAML 1.0

VW: I volunteer to edit requirements and authz service docs. Do we
have Editor volunteers for other two documents?

MT: attribute assertion format

RL: ditto

FS: policy language document

MH: How agnostic will policy language doc be?

VW: Charter has both agonstic and a specific standard

MT: We we extend SAML/XACML if needed?

VW: Yes, and feedback to OASIS

BM: Do we do application-specific stuff

AM: One concrete application example would be good

VW: Make it example and not standard.

MT: Job submission would be a good example

FS: Talk about profiles for PortTypes, SDE, Files...

VW: PortTypes, SDEs should be done

FS: Job description language really is needed to define policy on jobs

MH: Will track down where JDSL fits in

FS: JDSL not known about in OGSA WG F2f earlier this week

VW: Next step - send out rough outlines of documents

FS: Send out background reading on XACML. Any alternatives?

BM: XRML, not clear if competitor

MT: RBAC, does it map into XACML?

MT: Specify how higher-level language maps into XACML

FS: Suggest trying to mapping Akenti, PERMIS to XACML and see if
problems arise

VW: Try to have rough oulines of docs by end of next week

All: General agreement

End call