[Openid-specs-authzen] Notes from 2024-11-26 AuthZEN call
Omri Gazitt
omri at aserto.com
Wed Nov 27 16:21:07 UTC 2024
# Meeting Notes 2024-11-26
## Attendees
Gerry Gebel
Alex Babeanu
Vladi Berger
Julio Auto De Medeiros
David Hyland
Omri Gazitt
Michiel Trimpe
Roland Baum
Victor Lu
Alex Olivier
David Brossard
Eve Maler
George Fletcher
## Agenda
- KubeCon update (Omri)
- Procedures and process
- HackMD replacement?
- Do we need to change meeting times?
- Roadmap for spec in 2025
- Naming format for specs to accommodate future enhancements
- Implementer's Draft 01 = Evaluation
- Implementer's Draft 02 = Evaluations and Discovery
- Implementer's Draft 03 = Search (list and predicates)
- When should we go for a vote on final spec?
- Review Search API proposal (Vlad)
- Update on outreach https://hackmd.io/@oidf-wg-authzen/target-integrations
## Notes
- KubeCon
- Several other authZ vendors in attendance (Aserto, Cerbos, Oso,
Permit.io)
- multiple talks on authz
- 200+ showed up for Omri's talk on AuthZEN - about 20+ people came up
after the talk to ask questions
- Attendees were more aware of authN than authZ. CNCF more familiar
with OPA and OpenFGA
- ??How to get date to the authZ engine?
- Strong interest in the search work being done here
- OIDF process
- Some issues were raised by OIDF but most likely based on
misunderstandings
- An issue was posted during review period that we missed
- Also a misunderstanding on our part of what could be changed
during that time period
- Co-chairs will review any outstanding issues before bringing
items to the broader group
- HackMD usage
- OIDF rules state that agenda and meeting notes should be
published to email list
- Can the OIDF's rules on IP be enforced if we use HackMD?
- Roadmap for 2025
- Getting to final specification
- Will need to engage with OIDF on certification
- Evaluation
- Evaluations and Discovery
- Search
- Getting events to PDPs
- Options
- Final spec of Evaluation
- Update Evaluations to include Discovery
- Include Search in a final spec
- Discussion of outreach
- We must undertake this effort to get more in the industry on the
AuthZEN bandwagon
- Updating and maintaining design patterns document will be very
beneficial to educate the industry
- It's best when outside groups create a profile for AuthZEN, rather
than having this working group initiate that effort
## Action items
- Contact Mike L regarding HackMD usage and potential IPR issues.
--
<http://www.aserto.com/>
Omri Gazitt | CEO
Aserto <http://www.aserto.com/> Inc. | (425) 765-0079
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-authzen/attachments/20241127/81642b42/attachment.htm>
More information about the Openid-specs-authzen
mailing list