[policy-charter] Admin Policy Push Group

[Pieter Kasselman]

Agreed that breaking the work down into smaller scoped packages gives us the best chance of making forward motion. Taking a Lego approach of having building blocks where one spec can build or extend another has worked well in helping progress work (as long as we keep the narrative of how they fit together crisp). For example, we can define message formats/protocols, separate from transports (perhaps this is how we differentiate between push and pull as well) and so forth.

From: policy-charter <policy-charter-bounces at lists.openid.net> On Behalf Of Gerry Gebel via policy-charter
Sent: Monday, June 19, 2023 4:12 PM
To: Policy Charter Mail List <policy-charter at lists.openid.net>
Cc: Gerry Gebel <gerry at strata.io>
Subject: Re: [policy-charter] Admin Policy Push Group

@Omri - I agree with Andrew here that we should keep the scope more narrowly defined.

Some of what you describe (push vs. pull) will be specific to the target environment and not easily generalized.

That said, a separate work stream can be started if that is appropriate

Gerry

On Sun, Jun 18, 2023 at 5:05 PM Andrew Hughes via policy-charter <policy-charter at lists.openid.net<mailto:policy-charter at lists.openid.net>> wrote:
I prefer the most narrow scope possible. Otherwise we will never finish.

Other people will work with n the other parts.

On Sun, Jun 18, 2023 at 4:00 PM Omri Gazitt via policy-charter <policy-charter at lists.openid.net<mailto:policy-charter at lists.openid.net>> wrote:
One thing I'd like to put out there...

In a world where both policy and data are important parts of a decision, we should consider expanding the scope of what we believe should be pushed from an administration point to a decision point.  Specifically, with a ReBAC model (or a hybrid policy-as-code / policy-as-data model), changes in relationships between subjects and objects are as critical to communicate as policy changes.

If folks agree, then perhaps the name of the workstream should be generalized to "PAP-PDP group".

Additionally, there are two possible models to consider - Pull and Push. For example, OPA defines a pull model<https://www.openpolicyagent.org/docs/latest/management-bundles/> for a PDP to obtain policy updates from a policy bundle service.  In practice, a push model seems critical for real-world scenarios.

On Sun, Jun 18, 2023 at 2:54 PM Roland Baum via policy-charter <policy-charter at lists.openid.net<mailto:policy-charter at lists.openid.net>> wrote:

me too! :-D
Am 15.06.23 um 20:51 schrieb Omri Gazitt via policy-charter:
Me too

On Thu, Jun 15, 2023 at 10:35 AM Atul Tulshibagwale via policy-charter <policy-charter at lists.openid.net<mailto:policy-charter at lists.openid.net>> wrote:
Im in

On Thu, Jun 15, 2023 at 10:34 AM Vittorio Bertocci via policy-charter <policy-charter at lists.openid.net<mailto:policy-charter at lists.openid.net>> wrote:
Would love to be on it!

On Thu, Jun 15, 2023 at 10:33 David Brossard via policy-charter <policy-charter at lists.openid.net<mailto:policy-charter at lists.openid.net>> wrote:

This message originated outside your organization.

________________________________

Count me in too

On Thu, Jun 15, 2023, 10:30 AM Shayne Miel (smiel) via policy-charter <policy-charter at lists.openid.net<mailto:policy-charter at lists.openid.net>> wrote:
Please count me in for the Admin Policy Push group.

Thanks!
Shayne Miel


[https://duo.com/assets/img/email/spacer.gif]
Shayne Miel
/ Principal Engineer (he, him, his)

smiel at cisco.com<mailto:smiel at cisco.com>

(919) 923-6230

cisco.com<https://urldefense.com/v3/__https://www.cisco.com/site/us/en/products/security/index.html__;!!PwKahg!4zuqlwDjQsKy8apRVi9ImPprXSTXVrhXnrfmIhSUtDp3STR8J62s7zvfMsE7Z_yaCzNWpdSxS1yQ-Vb0CLNdfhklKja8Kb_WYdE$>


________________________________
From: policy-charter <policy-charter-bounces at lists.openid.net<mailto:policy-charter-bounces at lists.openid.net>> on behalf of Gerry Gebel via policy-charter <policy-charter at lists.openid.net<mailto:policy-charter at lists.openid.net>>
Sent: Thursday, June 15, 2023 10:53 AM
To: Policy Charter Mail List <policy-charter at lists.openid.net<mailto:policy-charter at lists.openid.net>>
Cc: Gerry Gebel <gerry at strata.io<mailto:gerry at strata.io>>
Subject: [policy-charter] Admin Policy Push Group

Hi all -

Thanks to Andrew Hughes for leading the PEP-PDP Group and those that have expressed interest in pursuing that effort.

How about the Admin Policy Push work stream? Who is interested in participating?
Thanks,
Gerry
--
policy-charter mailing list
policy-charter at lists.openid.net<mailto:policy-charter at lists.openid.net>
https://lists.openid.net/mailman/listinfo/policy-charter<https://urldefense.com/v3/__https://lists.openid.net/mailman/listinfo/policy-charter__;!!PwKahg!4zuqlwDjQsKy8apRVi9ImPprXSTXVrhXnrfmIhSUtDp3STR8J62s7zvfMsE7Z_yaCzNWpdSxS1yQ-Vb0CLNdfhklKja8RgFFZy8$>
--
policy-charter mailing list
policy-charter at lists.openid.net<mailto:policy-charter at lists.openid.net>
https://lists.openid.net/mailman/listinfo/policy-charter
--
policy-charter mailing list
policy-charter at lists.openid.net<mailto:policy-charter at lists.openid.net>
https://lists.openid.net/mailman/listinfo/policy-charter
--
policy-charter mailing list
policy-charter at lists.openid.net<mailto:policy-charter at lists.openid.net>
https://lists.openid.net/mailman/listinfo/policy-charter
--

[https://raw.githubusercontent.com/aserto-dev/artwork/main/logo/horizontal/color/aserto-horizontal-color.png]<http://www.aserto.com/>

Omri Gazitt | CEO

Aserto<http://www.aserto.com/> Inc. | (425) 765-0079

--
policy-charter mailing list
policy-charter at lists.openid.net<mailto:policy-charter at lists.openid.net>
https://lists.openid.net/mailman/listinfo/policy-charter
--
policy-charter mailing list
policy-charter at lists.openid.net<mailto:policy-charter at lists.openid.net>
https://lists.openid.net/mailman/listinfo/policy-charter
--
Andrew Hughes
Director, Identity Standards
Ping Identity
Signal/Mobile: +12508889474

CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.--
policy-charter mailing list
policy-charter at lists.openid.net<mailto:policy-charter at lists.openid.net>
https://lists.openid.net/mailman/listinfo/policy-charter
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/policy-charter/attachments/20230619/7c0a3fa3/attachment-0001.html>