OGSA Attributes (Mary Thompson)

What to standize attributes for compabaility between policy writes,
PDPs, PEPs

Existing standards:
 X.509 ACs, SAML, XACML, Shibboleth
 Want to use/learn from these

Summary of X.509 ACs

Summary of SAML Attribute Assertions & Statements 

Summary of XACML Context

Summary of Shibboleth

Comparison of above technoligies
 -Number of subjects (usually one)
 -Represent multi values (all)
 -Predefined attribute identifiers (not SAML)
 -Dig Sig (not XACML)
 -Attribute meta-data (not SAML)
 -Associate with subject or principal (All, XCAML from subject context)
 -Attribute identifier format (each different)
 -Encoding (ASN.1, XML)

Markus: XACML cannot associate with issuer since it has no signature

Proposed elements

Raj: Issuer may be implied

David: can really have 0 values and dataTypes?

Really not requirements (all optional), but is ontology and common
uses

Stanadars attributes discussion

David: Need to make sure we don\'t repeat EduPerson and LDAP mistakes
and specify attribute meanings well

Andrew: Can we really avoid having same attributes names meaning
different things?

We\'d like to...

David: Real problem is two organizations using same attribute to mean
different things