[Openid-specs-authzen] Meeting minutes from the January 23rd 2024 call

Tue Feb 6 18:21:49 UTC 2024

Dear all,

Please find below the minutes from our call last month.

All meeting minutes can be found here:
https://github.com/openid/authzen/wiki/Meetings
Jan 23rd 2024: https://hackmd.io/@oidf-wg-authzen/wg-meeting-20240123

Agenda

👉 Add items that you would like to cover on the call 👈

   - Review of presentations last week
   - Upcoming presentations this week
      - NIST NGAC on Friday 11am PT
      - Topaz on Thursday noon PT
      - Design patterns - reconciling OAuth and P*P on Thursday 11am PT

<https://hackmd.io/@oidf-wg-authzen/wg-meeting-20240123#PEP-PDP-API-Work>PEP-PDP
API Work
<https://hackmd.io/@oidf-wg-authzen/wg-meeting-20240123#Link-to-PEP-PDP-session-recordings-amp-material>Link
to PEP-PDP session recordings & material

   - Cedar Google Doc Overview
   - ALFA Overview
   - OAuth Presentation

<https://hackmd.io/@oidf-wg-authzen/wg-meeting-20240123#Interop-Next-Steps>Interop
Next Steps

   - Let's agree on a simple use case and model
      - Just the yes/no binary for May '24
      - No support for additional statements (obligations/advice…)
      - We should adopt the SARE/PARC model from ALFA/Cedar (subject verb
      object context) and maybe include the custom categories

<https://hackmd.io/@oidf-wg-authzen/wg-meeting-20240123#Interop-Participants>Interop
Participants
<https://hackmd.io/@oidf-wg-authzen/wg-meeting-20240123#AuthZ-Vendor>AuthZ
Vendor

   - Axiomatics
   - AWS is trying to figure out which side of the house is interested in
   the interop (the webapp side and the Authz Side)
   - 3Edges
   - Aserto
   - Permit.io <http://permit.io/>

<https://hackmd.io/@oidf-wg-authzen/wg-meeting-20240123#PEP-Vendor>'PEP'
Vendor

   - Reach out to Kong & Zuplo. See action items

<https://hackmd.io/@oidf-wg-authzen/wg-meeting-20240123#App>App

We need a participant on the app side of things:

   - Build a custom Spring app?
   - Use OPAL?
   - Use the Todo app?
      - Build on top of the demo Jeff Lombardo did for Cedar at Identiverse
      '23

<https://hackmd.io/@oidf-wg-authzen/wg-meeting-20240123#Developer>Developer

   - Elie Azerad can take on the developer role trying to consume authz

<https://hackmd.io/@oidf-wg-authzen/wg-meeting-20240123#Conferences>
Conferences

   - Chat with Andi Hindle (Identiverse) - May 28-31, 2024
      - Use pre-conference/workshop time to work on the interop
      - Get a slot during the main agenda to discuss the results of the
      interop

<https://hackmd.io/@oidf-wg-authzen/wg-meeting-20240123#Todays-notes>Today's
notes

   - Discussion around the PEP/PDP Notes
   <https://hackmd.io/@oidf-wg-authzen/pep-pdp-api-design-suggestions> David
   put together
   - Agreement on the binding
   - https://datatracker.ietf.org/doc/rfc9493/ for subject identifiers

<https://hackmd.io/@oidf-wg-authzen/wg-meeting-20240123#Action-Items>Action
Items

   - Schedule a call to go over the demo app for the interop. Invite Omri,
   Gabriel. Put your names down here if interested.
   - David to reach out to Josh from Zuplo, cc Omri
   - Omri to reach out to Kong

-- 
---
David Brossard
http://www.linkedin.com/in/davidbrossard
http://twitter.com/davidjbrossard
http://about.me/brossard
---
Stay safe on the Internet: IC3 Prevention Tips
<https://www.capefearnetworks.com/wp-content/uploads/2017/05/Internet-Fraud-Prevention-Tips-IC3.pdf>
Prenez vos précautions sur Internet:
http://www.securite-informatique.gouv.fr/gp_rubrique34.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-authzen/attachments/20240206/e90e4d46/attachment-0001.html>