[policy-charter] Link to PDP-PEP Interop WG Charter draft document
Alex Babeanu
alex at 3edges.com
Tue Jun 27 15:42:27 UTC 2023
Also, are we deciding to completely ignore NGAC? I think that should be
considered as well, considering it's the latest standard for authorization
out there...
https://standards.incits.org/apps/group_public/project/details.php?project_id=2328
./\.
On Tue, Jun 27, 2023 at 8:40 AM David Brossard via policy-charter <
policy-charter at lists.openid.net> wrote:
> We totally should! It is an oversight on my part because I am so policy
> biased. Sorry!
>
> On Tue, Jun 27, 2023, 8:25 AM Andres Aguiar <andres.aguiar at okta.com>
> wrote:
>
>> Hi all!
>>
>> Any reason not to include Google Zanzibar-inspired AuthZ implementations
>> (e.g. OpenFGA, Topaz, SpiceDB, Permify, etc) as part of the scope of this
>> effort?
>>
>> Regards,
>>
>> Andres
>>
>>
>> On Tue, Jun 27, 2023 at 12:09 PM David Brossard via policy-charter <
>> policy-charter at lists.openid.net> wrote:
>>
>>> *This message originated outside your organization.*
>>>
>>> ------------------------------
>>>
>>> I added notes and comments in the Google Doc
>>> <https://docs.google.com/document/d/1ijAaymAapYyeV_3qMVjuLtNzoskKsh7R/edit?pli=1>.
>>> I think it is worth highlighting we're not after yet another standard
>>> <https://urldefense.com/v3/__https://xkcd.com/927/__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzOe8cLp8$>.
>>> We want to:
>>>
>>> 1. increase interoperability between existing standards. In my mind,
>>> the four horsemen of the ap-authz-calypse are ALFA, Cedar, OPA, and IDQL.
>>> 1. interop from a policy management perspective
>>> 2. interop from a runtime request/response perspective
>>> 2. increase awareness of externalized authz so that software
>>> developers/owners/SaaS never rebuild their own
>>> 1. Be the OAuth/SAML of authZ
>>> 2. Define and propose standard authZ patterns
>>> 1. use cases
>>> 2. integration patterns
>>>
>>>
>>> On Mon, Jun 26, 2023 at 8:42 AM Alex Babeanu via policy-charter <
>>> policy-charter at lists.openid.net> wrote:
>>>
>>>> Sounds good to me too.
>>>> Thanks,
>>>>
>>>> ./\.
>>>>
>>>> On Fri, Jun 23, 2023 at 10:00 AM Andrew Hughes via policy-charter <
>>>> policy-charter at lists.openid.net> wrote:
>>>>
>>>>> Anyone else want to weigh in on this?
>>>>>
>>>>> I'm onboard with Pieter's suggestion that the attached document
>>>>> describes a deliverable of a larger work group - if so, I'd like to get
>>>>> closure on the description quickly
>>>>>
>>>>> I hope it's a simple and non-controversial deliverable...
>>>>>
>>>>> Andrew Hughes
>>>>> Director - Identity Standards
>>>>> andrewhughes at pingidentity.com
>>>>> Mobile/Signal: +1 250 888 9474
>>>>>
>>>>>
>>>>>
>>>>> On Mon, Jun 19, 2023 at 4:30 AM Pieter Kasselman via policy-charter <
>>>>> policy-charter at lists.openid.net> wrote:
>>>>>
>>>>>> My perspective is that we should have one Work Group focused on
>>>>>> authorization with multiple deliverables (e.g. OpenID Connect and SSF for
>>>>>> example has multiple deliverables) to start with. This way everyone
>>>>>> interested in the authorization topic has visibility into the different
>>>>>> work items and we get the benefit of wider participation and review.
>>>>>>
>>>>>>
>>>>>>
>>>>>> Agreed that something with Authorization in the name would make
>>>>>> sense, something like AuthZEN Framework (AuthoriZation ExchaNge Framework)
>>>>>> or AuthIT/AuthZIT Framework (Authorization Interoperability Technology
>>>>>> Framework)….
>>>>>>
>>>>>>
>>>>>>
>>>>>> *From:* policy-charter <policy-charter-bounces at lists.openid.net> *On
>>>>>> Behalf Of *Allan Foster via policy-charter
>>>>>> *Sent:* Friday, June 16, 2023 10:46 PM
>>>>>> *To:* Policy Charter Mail List <policy-charter at lists.openid.net>
>>>>>> *Cc:* Allan Foster <allan at macguru.com>
>>>>>> *Subject:* Re: [policy-charter] Link to PDP-PEP Interop WG Charter
>>>>>> draft document
>>>>>>
>>>>>>
>>>>>>
>>>>>> So, I wonder if we should do two different WGs, or one WG with two
>>>>>> different standards…. (At least, for now?)
>>>>>>
>>>>>>
>>>>>>
>>>>>> I am inclined to think the WG should be AuthZ something……. and have
>>>>>> two separate streams…. (or standards?)
>>>>>>
>>>>>>
>>>>>>
>>>>>> Thoughts
>>>>>>
>>>>>>
>>>>>>
>>>>>> Allan
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Friday, Jun 16, 2023 at 14:02, Alex Babeanu via policy-charter <
>>>>>> policy-charter at lists.openid.net> wrote:
>>>>>>
>>>>>> Thanks Andrew!
>>>>>>
>>>>>> Added a first comment in there... The season's open!
>>>>>>
>>>>>>
>>>>>>
>>>>>> ./\.
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Fri, Jun 16, 2023 at 11:50 AM Andrew Hughes via policy-charter <
>>>>>> policy-charter at lists.openid.net> wrote:
>>>>>>
>>>>>> Here is the document I have started - the link puts you into
>>>>>> "suggest" mode. Please add text with self-attribution. Be respectful of
>>>>>> others' contributions.
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> https://docs.google.com/document/d/1ijAaymAapYyeV_3qMVjuLtNzoskKsh7R/edit?usp=sharing&ouid=110252403279221684258&rtpof=true&sd=true
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> [image: Ping Identity]
>>>>>> <https://urldefense.com/v3/__https://www.pingidentity.com/__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzcNeP4vs$>
>>>>>>
>>>>>> *Andrew Hughes*
>>>>>> Director - Identity Standards
>>>>>> andrewhughes at pingidentity.com
>>>>>>
>>>>>> *Connect with us: *
>>>>>>
>>>>>> [image: Glassdoor logo]
>>>>>> <https://urldefense.com/v3/__https://www.glassdoor.com/Overview/Working-at-Ping-Identity-EI_IE380907.11,24.htm__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzWdCjpz4$>[image:
>>>>>> LinkedIn logo] <https://www.linkedin.com/company/21870>[image:
>>>>>> twitter logo]
>>>>>> <https://urldefense.com/v3/__https://twitter.com/pingidentity__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzDUeSi2c$>[image:
>>>>>> facebook logo]
>>>>>> <https://urldefense.com/v3/__https://www.facebook.com/pingidentitypage__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzqt_Q5uo$>[image:
>>>>>> youtube logo]
>>>>>> <https://urldefense.com/v3/__https://www.youtube.com/user/PingIdentityTV__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzayZ0G60$>[image:
>>>>>> Blog logo]
>>>>>> <https://urldefense.com/v3/__https://www.pingidentity.com/en/blog.html__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzBZ_t8is$>
>>>>>>
>>>>>>
>>>>>> <https://urldefense.com/v3/__https://www.pingidentity.com/en/company/championing-every-identity/dei.html?utm_source=direct*20to*20website&utm_medium=emailsig__;JSU!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzIokbF3o$>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> *CONFIDENTIALITY NOTICE: This email may contain confidential and
>>>>>> privileged material for the sole use of the intended recipient(s). Any
>>>>>> review, use, distribution or disclosure by others is strictly prohibited.
>>>>>> If you have received this communication in error, please notify the sender
>>>>>> immediately by e-mail and delete the message and any file attachments from
>>>>>> your computer. Thank you.*--
>>>>>> policy-charter mailing list
>>>>>> policy-charter at lists.openid.net
>>>>>> https://lists.openid.net/mailman/listinfo/policy-charter
>>>>>> <https://urldefense.com/v3/__https://lists.openid.net/mailman/listinfo/policy-charter__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzI-GNWW0$>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>>
>>>>>> [image: This is Alexandre Babeanu's card. Their email is
>>>>>> alex at 3edges.com. Their phone number is +1 604 728 8130.]
>>>>>> <https://urldefense.com/v3/__https://hihello.me/p/cda689b1-0378-4b9c-88cf-33a9bc8ef0c5__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzhrCCuoA$>
>>>>>>
>>>>>>
>>>>>> CONFIDENTIALITY NOTICE: This e-mail message, including any
>>>>>> attachments hereto, is for the sole use of the intended recipient(s) and
>>>>>> may contain confidential and/or proprietary information.
>>>>>> --
>>>>>> policy-charter mailing list
>>>>>> policy-charter at lists.openid.net
>>>>>> https://lists.openid.net/mailman/listinfo/policy-charter
>>>>>> <https://urldefense.com/v3/__https://lists.openid.net/mailman/listinfo/policy-charter__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzI-GNWW0$>
>>>>>>
>>>>>> --
>>>>>> policy-charter mailing list
>>>>>> policy-charter at lists.openid.net
>>>>>> https://lists.openid.net/mailman/listinfo/policy-charter
>>>>>> <https://urldefense.com/v3/__https://lists.openid.net/mailman/listinfo/policy-charter__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzI-GNWW0$>
>>>>>>
>>>>>
>>>>> *CONFIDENTIALITY NOTICE: This email may contain confidential and
>>>>> privileged material for the sole use of the intended recipient(s). Any
>>>>> review, use, distribution or disclosure by others is strictly prohibited.
>>>>> If you have received this communication in error, please notify the sender
>>>>> immediately by e-mail and delete the message and any file attachments from
>>>>> your computer. Thank you.*--
>>>>> policy-charter mailing list
>>>>> policy-charter at lists.openid.net
>>>>> https://lists.openid.net/mailman/listinfo/policy-charter
>>>>> <https://urldefense.com/v3/__https://lists.openid.net/mailman/listinfo/policy-charter__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzI-GNWW0$>
>>>>>
>>>>
>>>>
>>>> --
>>>> [image: This is Alexandre Babeanu's card. Their email is
>>>> alex at 3edges.com. Their phone number is +1 604 728 8130.]
>>>> <https://urldefense.com/v3/__https://hihello.me/p/cda689b1-0378-4b9c-88cf-33a9bc8ef0c5__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzhrCCuoA$>
>>>>
>>>> CONFIDENTIALITY NOTICE: This e-mail message, including any attachments
>>>> hereto, is for the sole use of the intended recipient(s) and may contain
>>>> confidential and/or proprietary information.
>>>> --
>>>> policy-charter mailing list
>>>> policy-charter at lists.openid.net
>>>> https://lists.openid.net/mailman/listinfo/policy-charter
>>>> <https://urldefense.com/v3/__https://lists.openid.net/mailman/listinfo/policy-charter__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzI-GNWW0$>
>>>>
>>>
>>>
>>> --
>>> ---
>>> David Brossard
>>> http://www.linkedin.com/in/davidbrossard
>>> http://twitter.com/davidjbrossard
>>> <https://urldefense.com/v3/__http://twitter.com/davidjbrossard__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzQRlFaRU$>
>>> http://about.me/brossard
>>> <https://urldefense.com/v3/__http://about.me/brossard__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzQqI8AE8$>
>>> ---
>>> Stay safe on the Internet: http://www.ic3.gov/preventiontips.aspx
>>> <https://urldefense.com/v3/__http://www.ic3.gov/preventiontips.aspx__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzljfWGu0$>
>>> Prenez vos précautions sur Internet:
>>> http://www.securite-informatique.gouv.fr/gp_rubrique34.html
>>> <https://urldefense.com/v3/__http://www.securite-informatique.gouv.fr/gp_rubrique34.html__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzo5yrZAg$>
>>> --
>>> policy-charter mailing list
>>> policy-charter at lists.openid.net
>>> https://lists.openid.net/mailman/listinfo/policy-charter
>>>
>> --
> policy-charter mailing list
> policy-charter at lists.openid.net
> https://lists.openid.net/mailman/listinfo/policy-charter
>
--
[image: This is Alexandre Babeanu's card. Their email is alex at 3edges.com.
Their phone number is +1 604 728 8130.]
<https://hihello.me/p/cda689b1-0378-4b9c-88cf-33a9bc8ef0c5>
--
CONFIDENTIALITY NOTICE: This e-mail message, including any attachments
hereto, is for the sole use of the intended recipient(s) and may contain
confidential and/or proprietary information.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/policy-charter/attachments/20230627/477cd11e/attachment-0001.html>
More information about the policy-charter
mailing list