[policy-charter] Link to PDP-PEP Interop WG Charter draft document
Andrew Hughes
andrewhughes at pingidentity.com
Tue Jun 27 15:53:10 UTC 2023
C'mon everyone - we are almost at 14 specs! You can do it! only a few more
to go before we need a 15th one!
;-)
[Ref: xkcd comic # something]
Andrew Hughes
Director - Identity Standards
andrewhughes at pingidentity.com
Mobile/Signal: +1 250 888 9474
On Tue, Jun 27, 2023 at 8:42 AM Alex Babeanu via policy-charter <
policy-charter at lists.openid.net> wrote:
> Also, are we deciding to completely ignore NGAC? I think that should be
> considered as well, considering it's the latest standard for authorization
> out there...
>
> https://standards.incits.org/apps/group_public/project/details.php?project_id=2328
>
> ./\.
>
> On Tue, Jun 27, 2023 at 8:40 AM David Brossard via policy-charter <
> policy-charter at lists.openid.net> wrote:
>
>> We totally should! It is an oversight on my part because I am so policy
>> biased. Sorry!
>>
>> On Tue, Jun 27, 2023, 8:25 AM Andres Aguiar <andres.aguiar at okta.com>
>> wrote:
>>
>>> Hi all!
>>>
>>> Any reason not to include Google Zanzibar-inspired AuthZ implementations
>>> (e.g. OpenFGA, Topaz, SpiceDB, Permify, etc) as part of the scope of this
>>> effort?
>>>
>>> Regards,
>>>
>>> Andres
>>>
>>>
>>> On Tue, Jun 27, 2023 at 12:09 PM David Brossard via policy-charter <
>>> policy-charter at lists.openid.net> wrote:
>>>
>>>> *This message originated outside your organization.*
>>>>
>>>> ------------------------------
>>>>
>>>> I added notes and comments in the Google Doc
>>>> <https://docs.google.com/document/d/1ijAaymAapYyeV_3qMVjuLtNzoskKsh7R/edit?pli=1>.
>>>> I think it is worth highlighting we're not after yet another standard
>>>> <https://urldefense.com/v3/__https://xkcd.com/927/__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzOe8cLp8$>.
>>>> We want to:
>>>>
>>>> 1. increase interoperability between existing standards. In my
>>>> mind, the four horsemen of the ap-authz-calypse are ALFA, Cedar, OPA, and
>>>> IDQL.
>>>> 1. interop from a policy management perspective
>>>> 2. interop from a runtime request/response perspective
>>>> 2. increase awareness of externalized authz so that software
>>>> developers/owners/SaaS never rebuild their own
>>>> 1. Be the OAuth/SAML of authZ
>>>> 2. Define and propose standard authZ patterns
>>>> 1. use cases
>>>> 2. integration patterns
>>>>
>>>>
>>>> On Mon, Jun 26, 2023 at 8:42 AM Alex Babeanu via policy-charter <
>>>> policy-charter at lists.openid.net> wrote:
>>>>
>>>>> Sounds good to me too.
>>>>> Thanks,
>>>>>
>>>>> ./\.
>>>>>
>>>>> On Fri, Jun 23, 2023 at 10:00 AM Andrew Hughes via policy-charter <
>>>>> policy-charter at lists.openid.net> wrote:
>>>>>
>>>>>> Anyone else want to weigh in on this?
>>>>>>
>>>>>> I'm onboard with Pieter's suggestion that the attached document
>>>>>> describes a deliverable of a larger work group - if so, I'd like to get
>>>>>> closure on the description quickly
>>>>>>
>>>>>> I hope it's a simple and non-controversial deliverable...
>>>>>>
>>>>>> Andrew Hughes
>>>>>> Director - Identity Standards
>>>>>> andrewhughes at pingidentity.com
>>>>>> Mobile/Signal: +1 250 888 9474
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Mon, Jun 19, 2023 at 4:30 AM Pieter Kasselman via policy-charter <
>>>>>> policy-charter at lists.openid.net> wrote:
>>>>>>
>>>>>>> My perspective is that we should have one Work Group focused on
>>>>>>> authorization with multiple deliverables (e.g. OpenID Connect and SSF for
>>>>>>> example has multiple deliverables) to start with. This way everyone
>>>>>>> interested in the authorization topic has visibility into the different
>>>>>>> work items and we get the benefit of wider participation and review.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Agreed that something with Authorization in the name would make
>>>>>>> sense, something like AuthZEN Framework (AuthoriZation ExchaNge Framework)
>>>>>>> or AuthIT/AuthZIT Framework (Authorization Interoperability Technology
>>>>>>> Framework)….
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> *From:* policy-charter <policy-charter-bounces at lists.openid.net> *On
>>>>>>> Behalf Of *Allan Foster via policy-charter
>>>>>>> *Sent:* Friday, June 16, 2023 10:46 PM
>>>>>>> *To:* Policy Charter Mail List <policy-charter at lists.openid.net>
>>>>>>> *Cc:* Allan Foster <allan at macguru.com>
>>>>>>> *Subject:* Re: [policy-charter] Link to PDP-PEP Interop WG Charter
>>>>>>> draft document
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> So, I wonder if we should do two different WGs, or one WG with two
>>>>>>> different standards…. (At least, for now?)
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> I am inclined to think the WG should be AuthZ something……. and
>>>>>>> have two separate streams…. (or standards?)
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Thoughts
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Allan
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Friday, Jun 16, 2023 at 14:02, Alex Babeanu via policy-charter <
>>>>>>> policy-charter at lists.openid.net> wrote:
>>>>>>>
>>>>>>> Thanks Andrew!
>>>>>>>
>>>>>>> Added a first comment in there... The season's open!
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ./\.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Fri, Jun 16, 2023 at 11:50 AM Andrew Hughes via policy-charter <
>>>>>>> policy-charter at lists.openid.net> wrote:
>>>>>>>
>>>>>>> Here is the document I have started - the link puts you into
>>>>>>> "suggest" mode. Please add text with self-attribution. Be respectful of
>>>>>>> others' contributions.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> https://docs.google.com/document/d/1ijAaymAapYyeV_3qMVjuLtNzoskKsh7R/edit?usp=sharing&ouid=110252403279221684258&rtpof=true&sd=true
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> [image: Ping Identity]
>>>>>>> <https://urldefense.com/v3/__https://www.pingidentity.com/__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzcNeP4vs$>
>>>>>>>
>>>>>>> *Andrew Hughes*
>>>>>>> Director - Identity Standards
>>>>>>> andrewhughes at pingidentity.com
>>>>>>>
>>>>>>> *Connect with us: *
>>>>>>>
>>>>>>> [image: Glassdoor logo]
>>>>>>> <https://urldefense.com/v3/__https://www.glassdoor.com/Overview/Working-at-Ping-Identity-EI_IE380907.11,24.htm__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzWdCjpz4$>[image:
>>>>>>> LinkedIn logo] <https://www.linkedin.com/company/21870>[image:
>>>>>>> twitter logo]
>>>>>>> <https://urldefense.com/v3/__https://twitter.com/pingidentity__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzDUeSi2c$>[image:
>>>>>>> facebook logo]
>>>>>>> <https://urldefense.com/v3/__https://www.facebook.com/pingidentitypage__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzqt_Q5uo$>[image:
>>>>>>> youtube logo]
>>>>>>> <https://urldefense.com/v3/__https://www.youtube.com/user/PingIdentityTV__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzayZ0G60$>[image:
>>>>>>> Blog logo]
>>>>>>> <https://urldefense.com/v3/__https://www.pingidentity.com/en/blog.html__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzBZ_t8is$>
>>>>>>>
>>>>>>>
>>>>>>> <https://urldefense.com/v3/__https://www.pingidentity.com/en/company/championing-every-identity/dei.html?utm_source=direct*20to*20website&utm_medium=emailsig__;JSU!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzIokbF3o$>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> *CONFIDENTIALITY NOTICE: This email may contain confidential and
>>>>>>> privileged material for the sole use of the intended recipient(s). Any
>>>>>>> review, use, distribution or disclosure by others is strictly prohibited.
>>>>>>> If you have received this communication in error, please notify the sender
>>>>>>> immediately by e-mail and delete the message and any file attachments from
>>>>>>> your computer. Thank you.*--
>>>>>>> policy-charter mailing list
>>>>>>> policy-charter at lists.openid.net
>>>>>>> https://lists.openid.net/mailman/listinfo/policy-charter
>>>>>>> <https://urldefense.com/v3/__https://lists.openid.net/mailman/listinfo/policy-charter__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzI-GNWW0$>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>>
>>>>>>> [image: This is Alexandre Babeanu's card. Their email is
>>>>>>> alex at 3edges.com. Their phone number is +1 604 728 8130.]
>>>>>>> <https://urldefense.com/v3/__https://hihello.me/p/cda689b1-0378-4b9c-88cf-33a9bc8ef0c5__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzhrCCuoA$>
>>>>>>>
>>>>>>>
>>>>>>> CONFIDENTIALITY NOTICE: This e-mail message, including any
>>>>>>> attachments hereto, is for the sole use of the intended recipient(s) and
>>>>>>> may contain confidential and/or proprietary information.
>>>>>>> --
>>>>>>> policy-charter mailing list
>>>>>>> policy-charter at lists.openid.net
>>>>>>> https://lists.openid.net/mailman/listinfo/policy-charter
>>>>>>> <https://urldefense.com/v3/__https://lists.openid.net/mailman/listinfo/policy-charter__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzI-GNWW0$>
>>>>>>>
>>>>>>> --
>>>>>>> policy-charter mailing list
>>>>>>> policy-charter at lists.openid.net
>>>>>>> https://lists.openid.net/mailman/listinfo/policy-charter
>>>>>>> <https://urldefense.com/v3/__https://lists.openid.net/mailman/listinfo/policy-charter__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzI-GNWW0$>
>>>>>>>
>>>>>>
>>>>>> *CONFIDENTIALITY NOTICE: This email may contain confidential and
>>>>>> privileged material for the sole use of the intended recipient(s). Any
>>>>>> review, use, distribution or disclosure by others is strictly prohibited.
>>>>>> If you have received this communication in error, please notify the sender
>>>>>> immediately by e-mail and delete the message and any file attachments from
>>>>>> your computer. Thank you.*--
>>>>>> policy-charter mailing list
>>>>>> policy-charter at lists.openid.net
>>>>>> https://lists.openid.net/mailman/listinfo/policy-charter
>>>>>> <https://urldefense.com/v3/__https://lists.openid.net/mailman/listinfo/policy-charter__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzI-GNWW0$>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> [image: This is Alexandre Babeanu's card. Their email is
>>>>> alex at 3edges.com. Their phone number is +1 604 728 8130.]
>>>>> <https://urldefense.com/v3/__https://hihello.me/p/cda689b1-0378-4b9c-88cf-33a9bc8ef0c5__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzhrCCuoA$>
>>>>>
>>>>> CONFIDENTIALITY NOTICE: This e-mail message, including any attachments
>>>>> hereto, is for the sole use of the intended recipient(s) and may contain
>>>>> confidential and/or proprietary information.
>>>>> --
>>>>> policy-charter mailing list
>>>>> policy-charter at lists.openid.net
>>>>> https://lists.openid.net/mailman/listinfo/policy-charter
>>>>> <https://urldefense.com/v3/__https://lists.openid.net/mailman/listinfo/policy-charter__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzI-GNWW0$>
>>>>>
>>>>
>>>>
>>>> --
>>>> ---
>>>> David Brossard
>>>> http://www.linkedin.com/in/davidbrossard
>>>> http://twitter.com/davidjbrossard
>>>> <https://urldefense.com/v3/__http://twitter.com/davidjbrossard__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzQRlFaRU$>
>>>> http://about.me/brossard
>>>> <https://urldefense.com/v3/__http://about.me/brossard__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzQqI8AE8$>
>>>> ---
>>>> Stay safe on the Internet: http://www.ic3.gov/preventiontips.aspx
>>>> <https://urldefense.com/v3/__http://www.ic3.gov/preventiontips.aspx__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzljfWGu0$>
>>>> Prenez vos précautions sur Internet:
>>>> http://www.securite-informatique.gouv.fr/gp_rubrique34.html
>>>> <https://urldefense.com/v3/__http://www.securite-informatique.gouv.fr/gp_rubrique34.html__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzo5yrZAg$>
>>>> --
>>>> policy-charter mailing list
>>>> policy-charter at lists.openid.net
>>>> https://lists.openid.net/mailman/listinfo/policy-charter
>>>>
>>> --
>> policy-charter mailing list
>> policy-charter at lists.openid.net
>> https://lists.openid.net/mailman/listinfo/policy-charter
>>
>
>
> --
> [image: This is Alexandre Babeanu's card. Their email is alex at 3edges.com.
> Their phone number is +1 604 728 8130.]
> <https://hihello.me/p/cda689b1-0378-4b9c-88cf-33a9bc8ef0c5>
>
> CONFIDENTIALITY NOTICE: This e-mail message, including any attachments
> hereto, is for the sole use of the intended recipient(s) and may contain
> confidential and/or proprietary information.
> --
> policy-charter mailing list
> policy-charter at lists.openid.net
> https://lists.openid.net/mailman/listinfo/policy-charter
>
--
_CONFIDENTIALITY NOTICE: This email may contain confidential and privileged
material for the sole use of the intended recipient(s). Any review, use,
distribution or disclosure by others is strictly prohibited. If you have
received this communication in error, please notify the sender immediately
by e-mail and delete the message and any file attachments from your
computer. Thank you._
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/policy-charter/attachments/20230627/ac83fdef/attachment-0001.html>
More information about the policy-charter
mailing list