[Openid-specs-authzen] Notes from today's call

Tue Feb 6 18:17:17 UTC 2024

Dear all,

To be more compliant with OpenID rules, I've pasted the minutes here:

Meeting Notes 2024-01-16
<https://hackmd.io/@oidf-wg-authzen/wg-meeting-20240116#New-members>New
members

Welcome 👋 to the NIST team, Cloudentity, Radiant Logic, and Cerbos.
<https://hackmd.io/@oidf-wg-authzen/wg-meeting-20240116#Prior-Art-Cedar-Background>Prior
Art: Cedar Background

Darin's AWS Cedar Overview
<https://docs.google.com/document/d/1FAwPXX3dN1sOB8ICihP9rqC4TDtjsZs2cOuE0pYa29Q/edit>

   - There is consensus that we are trying to harmonize how to send a
   request and process a response
   - Cedar uses the PARC model. Atul's current design doesn't have room for
   context. We need to add that
   - Cedar's model is symmetric i.e. Principal, Action, Resource, and
   Context are all equivalent.
   - Passing in the policies that are to be crunched: @davidbrossard
   <https://hackmd.io/@davidbrossard> seems to think it's out of bounds
   - Passing in the data to be used: that goes against the PIP model but
   addresses issues of scale

<https://hackmd.io/@oidf-wg-authzen/wg-meeting-20240116#Action-Items>Action
Items

   - @davidbrossard <https://hackmd.io/@davidbrossard> will build a
   comparison between different models in the prior art doc to drive the next
   iteration of the spec
   - We need to agree on what we want to show in the interop
      - Is it a Postman collection that can be used against any vendor
      (Aserto, Axiomatics, 3Edges?)

<https://hackmd.io/@oidf-wg-authzen/wg-meeting-20240116#Next-Steps>Next
Steps

   - 2 calls scheduled to go over OAuth (David Hyland) and ALFA (David
   Brossard) on Thursday and Friday 11am PT
   - Design patterns doc (@alexbabeanu <https://hackmd.io/@alexbabeanu>):
   Alex will schedule a follow-up

<https://hackmd.io/@oidf-wg-authzen/wg-meeting-20240116#Other-Items>Other
Items

   - Identiverse participation: interop exercise prior to the conference
   followed by a readout during the main agenda
   - All, please read up @xmlgrrl <https://hackmd.io/@xmlgrrl>'s interop
   scenarios <https://hackmd.io/@oidf-wg-authzen/InteropScenarios>

On Tue, Jan 16, 2024 at 12:10 PM David Brossard <david.brossard at gmail.com>
wrote:

> Dear all,
>
> Thanks for attending today. Here are today's meeting notes:
> https://hackmd.io/@oidf-wg-authzen/wg-meeting-20240116
>
> Darin's document can be found here:
> https://docs.google.com/document/d/1FAwPXX3dN1sOB8ICihP9rqC4TDtjsZs2cOuE0pYa29Q/edit#heading=h.wve3mxzb3rfi
>
> Those of you who missed the call can watch the replay (Mike, can you share
> the link?)
>
> Thanks,
> David
>

-- 
---
David Brossard
http://www.linkedin.com/in/davidbrossard
http://twitter.com/davidjbrossard
http://about.me/brossard
---
Stay safe on the Internet: IC3 Prevention Tips
<https://www.capefearnetworks.com/wp-content/uploads/2017/05/Internet-Fraud-Prevention-Tips-IC3.pdf>
Prenez vos précautions sur Internet:
http://www.securite-informatique.gouv.fr/gp_rubrique34.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-authzen/attachments/20240206/2605a3be/attachment-0001.html>