[policy-charter] Link to PDP-PEP Interop WG Charter draft document

Andres Aguiar andres.aguiar at okta.com
Tue Jun 27 15:25:22 UTC 2023 

Hi all!

Any reason not to include Google Zanzibar-inspired AuthZ implementations
(e.g. OpenFGA, Topaz, SpiceDB, Permify, etc) as part of the scope of this
effort?

Regards,

Andres


On Tue, Jun 27, 2023 at 12:09 PM David Brossard via policy-charter <
policy-charter at lists.openid.net> wrote:

> *This message originated outside your organization.*
>
> ------------------------------
>
> I added notes and comments in the Google Doc
> <https://docs.google.com/document/d/1ijAaymAapYyeV_3qMVjuLtNzoskKsh7R/edit?pli=1>.
> I think it is worth highlighting we're not after yet another standard
> <https://urldefense.com/v3/__https://xkcd.com/927/__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzOe8cLp8$>.
> We want to:
>
>    1. increase interoperability between existing standards. In my mind,
>    the four horsemen of the ap-authz-calypse are ALFA, Cedar, OPA, and IDQL.
>       1. interop from a policy management perspective
>       2. interop from a runtime request/response perspective
>    2. increase awareness of externalized authz so that software
>    developers/owners/SaaS never rebuild their own
>       1. Be the OAuth/SAML of authZ
>       2. Define and propose standard authZ patterns
>          1. use cases
>          2. integration patterns
>
>
> On Mon, Jun 26, 2023 at 8:42 AM Alex Babeanu via policy-charter <
> policy-charter at lists.openid.net> wrote:
>
>> Sounds good to me too.
>> Thanks,
>>
>> ./\.
>>
>> On Fri, Jun 23, 2023 at 10:00 AM Andrew Hughes via policy-charter <
>> policy-charter at lists.openid.net> wrote:
>>
>>> Anyone else want to weigh in on this?
>>>
>>> I'm onboard with Pieter's suggestion that the attached document
>>> describes a deliverable of a larger work group - if so, I'd like to get
>>> closure on the description quickly
>>>
>>> I hope it's a simple and non-controversial deliverable...
>>>
>>> Andrew Hughes
>>> Director - Identity Standards
>>> andrewhughes at pingidentity.com
>>> Mobile/Signal: +1 250 888 9474
>>>
>>>
>>>
>>> On Mon, Jun 19, 2023 at 4:30 AM Pieter Kasselman via policy-charter <
>>> policy-charter at lists.openid.net> wrote:
>>>
>>>> My perspective is that we should have one Work Group focused on
>>>> authorization with multiple deliverables (e.g. OpenID Connect and SSF for
>>>> example has multiple deliverables) to start with. This way everyone
>>>> interested in the authorization topic has visibility into the different
>>>> work items and we get the benefit of wider participation and review.
>>>>
>>>>
>>>>
>>>> Agreed that something with Authorization in the name would make sense,
>>>> something like AuthZEN Framework (AuthoriZation ExchaNge Framework) or
>>>> AuthIT/AuthZIT Framework (Authorization Interoperability Technology
>>>> Framework)….
>>>>
>>>>
>>>>
>>>> *From:* policy-charter <policy-charter-bounces at lists.openid.net> *On
>>>> Behalf Of *Allan Foster via policy-charter
>>>> *Sent:* Friday, June 16, 2023 10:46 PM
>>>> *To:* Policy Charter Mail List <policy-charter at lists.openid.net>
>>>> *Cc:* Allan Foster <allan at macguru.com>
>>>> *Subject:* Re: [policy-charter] Link to PDP-PEP Interop WG Charter
>>>> draft document
>>>>
>>>>
>>>>
>>>> So,  I wonder if we should do two different WGs,  or one WG with two
>>>> different standards…. (At least,  for now?)
>>>>
>>>>
>>>>
>>>> I am inclined to think the WG should be AuthZ something…….   and have
>>>> two separate streams…. (or standards?)
>>>>
>>>>
>>>>
>>>> Thoughts
>>>>
>>>>
>>>>
>>>> Allan
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On Friday, Jun 16, 2023 at 14:02, Alex Babeanu via policy-charter <
>>>> policy-charter at lists.openid.net> wrote:
>>>>
>>>> Thanks Andrew!
>>>>
>>>> Added a first comment in there... The season's open!
>>>>
>>>>
>>>>
>>>> ./\.
>>>>
>>>>
>>>>
>>>> On Fri, Jun 16, 2023 at 11:50 AM Andrew Hughes via policy-charter <
>>>> policy-charter at lists.openid.net> wrote:
>>>>
>>>> Here is the document I have started - the link puts you into "suggest"
>>>> mode. Please add text with self-attribution. Be respectful of others'
>>>> contributions.
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> https://docs.google.com/document/d/1ijAaymAapYyeV_3qMVjuLtNzoskKsh7R/edit?usp=sharing&ouid=110252403279221684258&rtpof=true&sd=true
>>>>
>>>>
>>>>
>>>>
>>>> [image: Ping Identity]
>>>> <https://urldefense.com/v3/__https://www.pingidentity.com/__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzcNeP4vs$>
>>>>
>>>> *Andrew Hughes*
>>>> Director - Identity Standards
>>>> andrewhughes at pingidentity.com
>>>>
>>>> *Connect with us: *
>>>>
>>>> [image: Glassdoor logo]
>>>> <https://urldefense.com/v3/__https://www.glassdoor.com/Overview/Working-at-Ping-Identity-EI_IE380907.11,24.htm__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzWdCjpz4$>[image:
>>>> LinkedIn logo] <https://www.linkedin.com/company/21870>[image: twitter
>>>> logo]
>>>> <https://urldefense.com/v3/__https://twitter.com/pingidentity__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzDUeSi2c$>[image:
>>>> facebook logo]
>>>> <https://urldefense.com/v3/__https://www.facebook.com/pingidentitypage__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzqt_Q5uo$>[image:
>>>> youtube logo]
>>>> <https://urldefense.com/v3/__https://www.youtube.com/user/PingIdentityTV__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzayZ0G60$>[image:
>>>> Blog logo]
>>>> <https://urldefense.com/v3/__https://www.pingidentity.com/en/blog.html__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzBZ_t8is$>
>>>>
>>>>
>>>> <https://urldefense.com/v3/__https://www.pingidentity.com/en/company/championing-every-identity/dei.html?utm_source=direct*20to*20website&utm_medium=emailsig__;JSU!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzIokbF3o$>
>>>>
>>>>
>>>>
>>>>
>>>> *CONFIDENTIALITY NOTICE: This email may contain confidential and
>>>> privileged material for the sole use of the intended recipient(s). Any
>>>> review, use, distribution or disclosure by others is strictly prohibited.
>>>> If you have received this communication in error, please notify the sender
>>>> immediately by e-mail and delete the message and any file attachments from
>>>> your computer. Thank you.*--
>>>> policy-charter mailing list
>>>> policy-charter at lists.openid.net
>>>> https://lists.openid.net/mailman/listinfo/policy-charter
>>>> <https://urldefense.com/v3/__https://lists.openid.net/mailman/listinfo/policy-charter__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzI-GNWW0$>
>>>>
>>>>
>>>>
>>>>
>>>> --
>>>>
>>>> [image: This is Alexandre Babeanu's card. Their email is
>>>> alex at 3edges.com. Their phone number is +1 604 728 8130.]
>>>> <https://urldefense.com/v3/__https://hihello.me/p/cda689b1-0378-4b9c-88cf-33a9bc8ef0c5__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzhrCCuoA$>
>>>>
>>>>
>>>> CONFIDENTIALITY NOTICE: This e-mail message, including any attachments
>>>> hereto, is for the sole use of the intended recipient(s) and may contain
>>>> confidential and/or proprietary information.
>>>> --
>>>> policy-charter mailing list
>>>> policy-charter at lists.openid.net
>>>> https://lists.openid.net/mailman/listinfo/policy-charter
>>>> <https://urldefense.com/v3/__https://lists.openid.net/mailman/listinfo/policy-charter__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzI-GNWW0$>
>>>>
>>>> --
>>>> policy-charter mailing list
>>>> policy-charter at lists.openid.net
>>>> https://lists.openid.net/mailman/listinfo/policy-charter
>>>> <https://urldefense.com/v3/__https://lists.openid.net/mailman/listinfo/policy-charter__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzI-GNWW0$>
>>>>
>>>
>>> *CONFIDENTIALITY NOTICE: This email may contain confidential and
>>> privileged material for the sole use of the intended recipient(s). Any
>>> review, use, distribution or disclosure by others is strictly prohibited.
>>> If you have received this communication in error, please notify the sender
>>> immediately by e-mail and delete the message and any file attachments from
>>> your computer. Thank you.*--
>>> policy-charter mailing list
>>> policy-charter at lists.openid.net
>>> https://lists.openid.net/mailman/listinfo/policy-charter
>>> <https://urldefense.com/v3/__https://lists.openid.net/mailman/listinfo/policy-charter__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzI-GNWW0$>
>>>
>>
>>
>> --
>> [image: This is Alexandre Babeanu's card. Their email is alex at 3edges.com.
>> Their phone number is +1 604 728 8130.]
>> <https://urldefense.com/v3/__https://hihello.me/p/cda689b1-0378-4b9c-88cf-33a9bc8ef0c5__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzhrCCuoA$>
>>
>> CONFIDENTIALITY NOTICE: This e-mail message, including any attachments
>> hereto, is for the sole use of the intended recipient(s) and may contain
>> confidential and/or proprietary information.
>> --
>> policy-charter mailing list
>> policy-charter at lists.openid.net
>> https://lists.openid.net/mailman/listinfo/policy-charter
>> <https://urldefense.com/v3/__https://lists.openid.net/mailman/listinfo/policy-charter__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzI-GNWW0$>
>>
>
>
> --
> ---
> David Brossard
> http://www.linkedin.com/in/davidbrossard
> http://twitter.com/davidjbrossard
> <https://urldefense.com/v3/__http://twitter.com/davidjbrossard__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzQRlFaRU$>
> http://about.me/brossard
> <https://urldefense.com/v3/__http://about.me/brossard__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzQqI8AE8$>
> ---
> Stay safe on the Internet: http://www.ic3.gov/preventiontips.aspx
> <https://urldefense.com/v3/__http://www.ic3.gov/preventiontips.aspx__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzljfWGu0$>
> Prenez vos précautions sur Internet:
> http://www.securite-informatique.gouv.fr/gp_rubrique34.html
> <https://urldefense.com/v3/__http://www.securite-informatique.gouv.fr/gp_rubrique34.html__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzo5yrZAg$>
> --
> policy-charter mailing list
> policy-charter at lists.openid.net
> https://lists.openid.net/mailman/listinfo/policy-charter
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/policy-charter/attachments/20230627/eaff9577/attachment-0001.html>

More information about the policy-charter mailing list