[policy-charter] Updates to the charter doc
Aaron Campbell
acampbell at duosecurity.com
Thu Aug 10 17:43:43 UTC 2023
On Thu, Aug 10, 2023 at 2:29 PM Alex Babeanu <alex at 3edges.com> wrote:
> Re: " but I'd urge an evaluation of the existing technologies and choose
> one to foster and build upon"
> -- I strongly disagree!! Whatever we do should be tech-agnostic. Or are
> you proposing to kill right away whichever company/org doesn't use your
> "chosen" tech ??
>
> I think the idea is to build interop standards: whatever tech you use, we
> need to be able to exchange data about AuthZ. So start top down instead of
> bottom up.
>
That's not what I'm saying. I'm saying that years of effort have already
gone into building existing policy languages for effecting AuthZ, some of
them more suited to standardization than others. For example, SQL first
came out of IBM. And then became standardized. That created a common base
layer for other tech to grow from.
I agree w/ what Andrew Hughes said in the doc:
DISCUSS: are we going to reconcile the different conceptual underpinnings
of all the approaches? Seems ambitious.
-Aaron
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/policy-charter/attachments/20230810/8458dd07/attachment.html>
More information about the policy-charter
mailing list