[Openid-specs-authzen] Meeting Notes for Oct 31 2023

Tue Oct 31 16:46:17 UTC 2023

Attendees

David Brossard , Allan Foster, Mike L, Phil Hunt, Steve Venema, Alex B.,
Gail Hodges, Dani Katzman, Lenah Chacha, Mark Haine, Omri Gazitt, Roland
Baum, Atul T., Sean O’Dell
Agenda

   -

   update on the github set up

   -

   Comments on the call we had with CISA today - Atul & Gail
   -

   List of docs/sources of terminology to the call tomorrow - Eve
   -

   Updates on discussions with EIC and Identiverse planners? - Allan
   -

   Collecting the existing pet PDP standards and interfaces. For instance
   XACML JSON, Rego, Cedar

Notes

   -

   CISA Update
   -

      Feedback from Grant Dasher/ CISA yesterday: Key Challenge: Ambiguous
      MFA terminology
      -

      Recommendations: Create standard MFA terminology that provides clear,
      interoperable, and standardized definitions and policies allowing
      organizations to make value comparisons and to integrate these solutions
      into their environment.
      -

      Map products to NIST requirements such as those articulated in NIST
      SP 800- 63 Digital Identity Guidelines.
      -

      FIDO/ OIDF Alignment on (ideally existing) terms used in AuthZEN WG
      from 800-63, W3C)
      -

      Consider alignment to AuthZEN WG to 800-63 -4 where appropriate for
      US implementers
      -

   Github update
   -

      Atul transitioned his repository to the OIDF repository.
      -

      https://github.com/openid/authzen/
      -

      Mike L. invited co-chairs to be admins of the github repository
      -

      Github issues will be forwarded to the mailing list (Mike L.)
      -

      Licensing set up correctly
      -

      Need to add CONTRIBUTING.md to GitHub e.g.
      https://github.com/openid/OpenID4VP/blob/main/CONTRIBUTING.md
      -

   Eve’s update
   -

      Looked at sources e.g. IDPro, IETF
      -

      Eve included terms from the OAuth realm that do not follow the P*P
      terminology.
      -

      We should include terminology from the graph world
      -

      File shared (xlsx on the mailing list)
      -

   Slack
   -

      Atul created a Slack channel
      -

      Channel link <https://app.slack.com/client/TBB85A45B/C0630873JGK>
      -

      Mike: I’ll get current mail list subscribers invited to the Slack
      channel this week.
      -

   Documentation
   -

      Atul: in the Shared Signals WG, we’ve also used hackmd.io for
      collaborative markdown documents
      -

   Conference engagement
   -

      EIC update: Allan reached out to Joerg Resch. We will need to send a
      list of panelists by the beginning of the year.
      -

         We have a reserved spot
         -

      Identiverse: waiting to hear back from Andi
      -

   Existing PEP/PDP standards and interfaces
   -

      Let’s start from the work Atul & others did in the github AuthZAPI
      repository
      -

      Let’s provide feedback through issues on the github repo
      -

      Let’s use the same model as Shared Signals
      -

   Ask from Sean O’Dell, Disney
   -

      Request to become an additional co-chair
      -

   Useful links
   -

      https://pure.royalholloway.ac.uk/en/publications/completeness-in-languages-for-attribute-based-access-control
      -

      https://www.sciencedirect.com/science/article/abs/pii/S1383762122001539
      -

   Keeping meeting notes
   -

      Shared Signals uses hackmd.io → should we use the same?
      -

      License limitations?

Action items

   - [image: unchecked]

   Co-chairs to send their github usernames to Mike
   - [image: unchecked]

   Mike to invite ML members to the Slack channel
   - [image: unchecked]

   All to file issues in github for PEP/PDP work
   - [image: unchecked]

   Eve to take the lead on terminology and reconvene in December
   - [image: unchecked]

   Alex to publish the design patterns document as markdown in the github
   repository
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-authzen/attachments/20231031/bc924f72/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 269 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-authzen/attachments/20231031/bc924f72/attachment-0005.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 269 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-authzen/attachments/20231031/bc924f72/attachment-0006.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 269 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-authzen/attachments/20231031/bc924f72/attachment-0007.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 269 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-authzen/attachments/20231031/bc924f72/attachment-0008.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 269 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-authzen/attachments/20231031/bc924f72/attachment-0009.png>