[Openid-specs-authzen] Notes from 2024-11-26 AuthZEN call

Omri Gazitt omri at aserto.com
Wed Nov 27 16:21:07 UTC 2024


# Meeting Notes 2024-11-26

## Attendees
Gerry Gebel
Alex Babeanu
Vladi Berger
Julio Auto De Medeiros
David Hyland
Omri Gazitt
Michiel Trimpe
Roland Baum
Victor Lu
Alex Olivier
David Brossard
Eve Maler
George Fletcher

## Agenda
- KubeCon update (Omri)
- Procedures and process
    - HackMD replacement?
    - Do we need to change meeting times?
- Roadmap for spec in 2025
    -  Naming format for specs to accommodate future enhancements
        - Implementer's Draft 01 = Evaluation
        - Implementer's Draft 02 = Evaluations and Discovery
        - Implementer's Draft 03 = Search (list and predicates)
    - When should we go for a vote on final spec?
- Review Search API proposal (Vlad)
- Update on outreach https://hackmd.io/@oidf-wg-authzen/target-integrations

## Notes
- KubeCon
    - Several other authZ vendors in attendance (Aserto, Cerbos, Oso,
Permit.io)
    - multiple talks on authz
    - 200+ showed up for Omri's talk on AuthZEN - about 20+ people came up
after the talk to ask questions
    - Attendees were more aware of authN than authZ. CNCF more familiar
with OPA and OpenFGA
    - ??How to get date to the authZ engine?
    - Strong interest in the search work being done here

- OIDF process
    - Some issues were raised by OIDF but most likely based on
misunderstandings
        - An issue was posted during review period that we missed
        - Also a misunderstanding on our part of what could be changed
during that time period
        - Co-chairs will review any outstanding issues before bringing
items to the broader group
    - HackMD usage
        - OIDF rules state that agenda and meeting notes should be
published to email list
        - Can the OIDF's rules on IP be enforced if we use HackMD?

- Roadmap for 2025
    - Getting to final specification
    - Will need to engage with OIDF on certification
    - Evaluation
    - Evaluations and Discovery
    - Search
    - Getting events to PDPs
    - Options
        - Final spec of Evaluation
        - Update Evaluations to include Discovery
        - Include Search in a final spec

- Discussion of outreach
    - We must undertake this effort to get more in the industry on the
AuthZEN bandwagon
    - Updating and maintaining design patterns document will be very
beneficial to educate the industry
    - It's best when outside groups create a profile for AuthZEN, rather
than having this working group initiate that effort

## Action items
- Contact Mike L regarding HackMD usage and potential IPR issues.

-- 

<http://www.aserto.com/>

Omri Gazitt | CEO

Aserto <http://www.aserto.com/> Inc. | (425) 765-0079
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-authzen/attachments/20241127/81642b42/attachment.htm>


More information about the Openid-specs-authzen mailing list