[policy-charter] Link to PDP-PEP Interop WG Charter draft document
Steve Hutchinson
sehutchinson at gmail.com
Tue Jun 27 16:16:24 UTC 2023
I thought we were building the 15th one ;-)
On Tue, Jun 27, 2023 at 11:53 AM Andrew Hughes via policy-charter <
policy-charter at lists.openid.net> wrote:
> C'mon everyone - we are almost at 14 specs! You can do it! only a few more
> to go before we need a 15th one!
> ;-)
>
> [Ref: xkcd comic # something]
>
> Andrew Hughes
> Director - Identity Standards
> andrewhughes at pingidentity.com
> Mobile/Signal: +1 250 888 9474
>
>
>
> On Tue, Jun 27, 2023 at 8:42 AM Alex Babeanu via policy-charter <
> policy-charter at lists.openid.net> wrote:
>
>> Also, are we deciding to completely ignore NGAC? I think that should be
>> considered as well, considering it's the latest standard for authorization
>> out there...
>>
>> https://standards.incits.org/apps/group_public/project/details.php?project_id=2328
>>
>> ./\.
>>
>> On Tue, Jun 27, 2023 at 8:40 AM David Brossard via policy-charter <
>> policy-charter at lists.openid.net> wrote:
>>
>>> We totally should! It is an oversight on my part because I am so policy
>>> biased. Sorry!
>>>
>>> On Tue, Jun 27, 2023, 8:25 AM Andres Aguiar <andres.aguiar at okta.com>
>>> wrote:
>>>
>>>> Hi all!
>>>>
>>>> Any reason not to include Google Zanzibar-inspired AuthZ
>>>> implementations (e.g. OpenFGA, Topaz, SpiceDB, Permify, etc) as part of the
>>>> scope of this effort?
>>>>
>>>> Regards,
>>>>
>>>> Andres
>>>>
>>>>
>>>> On Tue, Jun 27, 2023 at 12:09 PM David Brossard via policy-charter <
>>>> policy-charter at lists.openid.net> wrote:
>>>>
>>>>> *This message originated outside your organization.*
>>>>>
>>>>> ------------------------------
>>>>>
>>>>> I added notes and comments in the Google Doc
>>>>> <https://docs.google.com/document/d/1ijAaymAapYyeV_3qMVjuLtNzoskKsh7R/edit?pli=1>.
>>>>> I think it is worth highlighting we're not after yet another standard
>>>>> <https://urldefense.com/v3/__https://xkcd.com/927/__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzOe8cLp8$>.
>>>>> We want to:
>>>>>
>>>>> 1. increase interoperability between existing standards. In my
>>>>> mind, the four horsemen of the ap-authz-calypse are ALFA, Cedar, OPA, and
>>>>> IDQL.
>>>>> 1. interop from a policy management perspective
>>>>> 2. interop from a runtime request/response perspective
>>>>> 2. increase awareness of externalized authz so that software
>>>>> developers/owners/SaaS never rebuild their own
>>>>> 1. Be the OAuth/SAML of authZ
>>>>> 2. Define and propose standard authZ patterns
>>>>> 1. use cases
>>>>> 2. integration patterns
>>>>>
>>>>>
>>>>> On Mon, Jun 26, 2023 at 8:42 AM Alex Babeanu via policy-charter <
>>>>> policy-charter at lists.openid.net> wrote:
>>>>>
>>>>>> Sounds good to me too.
>>>>>> Thanks,
>>>>>>
>>>>>> ./\.
>>>>>>
>>>>>> On Fri, Jun 23, 2023 at 10:00 AM Andrew Hughes via policy-charter <
>>>>>> policy-charter at lists.openid.net> wrote:
>>>>>>
>>>>>>> Anyone else want to weigh in on this?
>>>>>>>
>>>>>>> I'm onboard with Pieter's suggestion that the attached document
>>>>>>> describes a deliverable of a larger work group - if so, I'd like to get
>>>>>>> closure on the description quickly
>>>>>>>
>>>>>>> I hope it's a simple and non-controversial deliverable...
>>>>>>>
>>>>>>> Andrew Hughes
>>>>>>> Director - Identity Standards
>>>>>>> andrewhughes at pingidentity.com
>>>>>>> Mobile/Signal: +1 250 888 9474
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Mon, Jun 19, 2023 at 4:30 AM Pieter Kasselman via policy-charter <
>>>>>>> policy-charter at lists.openid.net> wrote:
>>>>>>>
>>>>>>>> My perspective is that we should have one Work Group focused on
>>>>>>>> authorization with multiple deliverables (e.g. OpenID Connect and SSF for
>>>>>>>> example has multiple deliverables) to start with. This way everyone
>>>>>>>> interested in the authorization topic has visibility into the different
>>>>>>>> work items and we get the benefit of wider participation and review.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Agreed that something with Authorization in the name would make
>>>>>>>> sense, something like AuthZEN Framework (AuthoriZation ExchaNge Framework)
>>>>>>>> or AuthIT/AuthZIT Framework (Authorization Interoperability Technology
>>>>>>>> Framework)….
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> *From:* policy-charter <policy-charter-bounces at lists.openid.net> *On
>>>>>>>> Behalf Of *Allan Foster via policy-charter
>>>>>>>> *Sent:* Friday, June 16, 2023 10:46 PM
>>>>>>>> *To:* Policy Charter Mail List <policy-charter at lists.openid.net>
>>>>>>>> *Cc:* Allan Foster <allan at macguru.com>
>>>>>>>> *Subject:* Re: [policy-charter] Link to PDP-PEP Interop WG Charter
>>>>>>>> draft document
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> So, I wonder if we should do two different WGs, or one WG with
>>>>>>>> two different standards…. (At least, for now?)
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> I am inclined to think the WG should be AuthZ something……. and
>>>>>>>> have two separate streams…. (or standards?)
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Thoughts
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Allan
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On Friday, Jun 16, 2023 at 14:02, Alex Babeanu via policy-charter <
>>>>>>>> policy-charter at lists.openid.net> wrote:
>>>>>>>>
>>>>>>>> Thanks Andrew!
>>>>>>>>
>>>>>>>> Added a first comment in there... The season's open!
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> ./\.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On Fri, Jun 16, 2023 at 11:50 AM Andrew Hughes via policy-charter <
>>>>>>>> policy-charter at lists.openid.net> wrote:
>>>>>>>>
>>>>>>>> Here is the document I have started - the link puts you into
>>>>>>>> "suggest" mode. Please add text with self-attribution. Be respectful of
>>>>>>>> others' contributions.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> https://docs.google.com/document/d/1ijAaymAapYyeV_3qMVjuLtNzoskKsh7R/edit?usp=sharing&ouid=110252403279221684258&rtpof=true&sd=true
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> [image: Ping Identity]
>>>>>>>> <https://urldefense.com/v3/__https://www.pingidentity.com/__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzcNeP4vs$>
>>>>>>>>
>>>>>>>> *Andrew Hughes*
>>>>>>>> Director - Identity Standards
>>>>>>>> andrewhughes at pingidentity.com
>>>>>>>>
>>>>>>>> *Connect with us: *
>>>>>>>>
>>>>>>>> [image: Glassdoor logo]
>>>>>>>> <https://urldefense.com/v3/__https://www.glassdoor.com/Overview/Working-at-Ping-Identity-EI_IE380907.11,24.htm__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzWdCjpz4$>[image:
>>>>>>>> LinkedIn logo] <https://www.linkedin.com/company/21870>[image:
>>>>>>>> twitter logo]
>>>>>>>> <https://urldefense.com/v3/__https://twitter.com/pingidentity__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzDUeSi2c$>[image:
>>>>>>>> facebook logo]
>>>>>>>> <https://urldefense.com/v3/__https://www.facebook.com/pingidentitypage__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzqt_Q5uo$>[image:
>>>>>>>> youtube logo]
>>>>>>>> <https://urldefense.com/v3/__https://www.youtube.com/user/PingIdentityTV__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzayZ0G60$>[image:
>>>>>>>> Blog logo]
>>>>>>>> <https://urldefense.com/v3/__https://www.pingidentity.com/en/blog.html__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzBZ_t8is$>
>>>>>>>>
>>>>>>>>
>>>>>>>> <https://urldefense.com/v3/__https://www.pingidentity.com/en/company/championing-every-identity/dei.html?utm_source=direct*20to*20website&utm_medium=emailsig__;JSU!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzIokbF3o$>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> *CONFIDENTIALITY NOTICE: This email may contain confidential and
>>>>>>>> privileged material for the sole use of the intended recipient(s). Any
>>>>>>>> review, use, distribution or disclosure by others is strictly prohibited.
>>>>>>>> If you have received this communication in error, please notify the sender
>>>>>>>> immediately by e-mail and delete the message and any file attachments from
>>>>>>>> your computer. Thank you.*--
>>>>>>>> policy-charter mailing list
>>>>>>>> policy-charter at lists.openid.net
>>>>>>>> https://lists.openid.net/mailman/listinfo/policy-charter
>>>>>>>> <https://urldefense.com/v3/__https://lists.openid.net/mailman/listinfo/policy-charter__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzI-GNWW0$>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>>
>>>>>>>> [image: This is Alexandre Babeanu's card. Their email is
>>>>>>>> alex at 3edges.com. Their phone number is +1 604 728 8130.]
>>>>>>>> <https://urldefense.com/v3/__https://hihello.me/p/cda689b1-0378-4b9c-88cf-33a9bc8ef0c5__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzhrCCuoA$>
>>>>>>>>
>>>>>>>>
>>>>>>>> CONFIDENTIALITY NOTICE: This e-mail message, including any
>>>>>>>> attachments hereto, is for the sole use of the intended recipient(s) and
>>>>>>>> may contain confidential and/or proprietary information.
>>>>>>>> --
>>>>>>>> policy-charter mailing list
>>>>>>>> policy-charter at lists.openid.net
>>>>>>>> https://lists.openid.net/mailman/listinfo/policy-charter
>>>>>>>> <https://urldefense.com/v3/__https://lists.openid.net/mailman/listinfo/policy-charter__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzI-GNWW0$>
>>>>>>>>
>>>>>>>> --
>>>>>>>> policy-charter mailing list
>>>>>>>> policy-charter at lists.openid.net
>>>>>>>> https://lists.openid.net/mailman/listinfo/policy-charter
>>>>>>>> <https://urldefense.com/v3/__https://lists.openid.net/mailman/listinfo/policy-charter__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzI-GNWW0$>
>>>>>>>>
>>>>>>>
>>>>>>> *CONFIDENTIALITY NOTICE: This email may contain confidential and
>>>>>>> privileged material for the sole use of the intended recipient(s). Any
>>>>>>> review, use, distribution or disclosure by others is strictly prohibited.
>>>>>>> If you have received this communication in error, please notify the sender
>>>>>>> immediately by e-mail and delete the message and any file attachments from
>>>>>>> your computer. Thank you.*--
>>>>>>> policy-charter mailing list
>>>>>>> policy-charter at lists.openid.net
>>>>>>> https://lists.openid.net/mailman/listinfo/policy-charter
>>>>>>> <https://urldefense.com/v3/__https://lists.openid.net/mailman/listinfo/policy-charter__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzI-GNWW0$>
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> [image: This is Alexandre Babeanu's card. Their email is
>>>>>> alex at 3edges.com. Their phone number is +1 604 728 8130.]
>>>>>> <https://urldefense.com/v3/__https://hihello.me/p/cda689b1-0378-4b9c-88cf-33a9bc8ef0c5__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzhrCCuoA$>
>>>>>>
>>>>>> CONFIDENTIALITY NOTICE: This e-mail message, including any
>>>>>> attachments hereto, is for the sole use of the intended recipient(s) and
>>>>>> may contain confidential and/or proprietary information.
>>>>>> --
>>>>>> policy-charter mailing list
>>>>>> policy-charter at lists.openid.net
>>>>>> https://lists.openid.net/mailman/listinfo/policy-charter
>>>>>> <https://urldefense.com/v3/__https://lists.openid.net/mailman/listinfo/policy-charter__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzI-GNWW0$>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> ---
>>>>> David Brossard
>>>>> http://www.linkedin.com/in/davidbrossard
>>>>> http://twitter.com/davidjbrossard
>>>>> <https://urldefense.com/v3/__http://twitter.com/davidjbrossard__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzQRlFaRU$>
>>>>> http://about.me/brossard
>>>>> <https://urldefense.com/v3/__http://about.me/brossard__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzQqI8AE8$>
>>>>> ---
>>>>> Stay safe on the Internet: http://www.ic3.gov/preventiontips.aspx
>>>>> <https://urldefense.com/v3/__http://www.ic3.gov/preventiontips.aspx__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzljfWGu0$>
>>>>> Prenez vos précautions sur Internet:
>>>>> http://www.securite-informatique.gouv.fr/gp_rubrique34.html
>>>>> <https://urldefense.com/v3/__http://www.securite-informatique.gouv.fr/gp_rubrique34.html__;!!PwKahg!7CiEei7WdBTxJUMqNJFiUZQ9jwPpoNIfxQxrts9bExQWpcmbLO_4TGBB6Dxzr2FYI2K8MlYzykAbVBcqOJdTyOfzo5yrZAg$>
>>>>> --
>>>>> policy-charter mailing list
>>>>> policy-charter at lists.openid.net
>>>>> https://lists.openid.net/mailman/listinfo/policy-charter
>>>>>
>>>> --
>>> policy-charter mailing list
>>> policy-charter at lists.openid.net
>>> https://lists.openid.net/mailman/listinfo/policy-charter
>>>
>>
>>
>> --
>> [image: This is Alexandre Babeanu's card. Their email is alex at 3edges.com.
>> Their phone number is +1 604 728 8130.]
>> <https://hihello.me/p/cda689b1-0378-4b9c-88cf-33a9bc8ef0c5>
>>
>> CONFIDENTIALITY NOTICE: This e-mail message, including any attachments
>> hereto, is for the sole use of the intended recipient(s) and may contain
>> confidential and/or proprietary information.
>> --
>> policy-charter mailing list
>> policy-charter at lists.openid.net
>> https://lists.openid.net/mailman/listinfo/policy-charter
>>
>
> *CONFIDENTIALITY NOTICE: This email may contain confidential and
> privileged material for the sole use of the intended recipient(s). Any
> review, use, distribution or disclosure by others is strictly prohibited.
> If you have received this communication in error, please notify the sender
> immediately by e-mail and delete the message and any file attachments from
> your computer. Thank you.*--
> policy-charter mailing list
> policy-charter at lists.openid.net
> https://lists.openid.net/mailman/listinfo/policy-charter
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/policy-charter/attachments/20230627/6142b5d4/attachment-0001.html>
More information about the policy-charter
mailing list