[policy-charter] Updates to the charter doc
Alex Babeanu
alex at 3edges.com
Thu Aug 10 18:40:48 UTC 2023
Seems ambitious indeed, when all the participants of this workgroup have
their own very different ways of doing things... For instance, we're using
pure graphs (not "tuples', actual vertices and edges). To me it's the best
approach of course. The only way to "top" this would be to use natural
language, imho. Let's hear it from those who don't agree :)...
And anyway yet another language or methodology for authz is not in the
proposed charter scope.
That's my $0.02, waiting for others to chime in though...
./\.
On Thu, Aug 10, 2023 at 10:44 AM Aaron Campbell <acampbell at duosecurity.com>
wrote:
> On Thu, Aug 10, 2023 at 2:29 PM Alex Babeanu <alex at 3edges.com> wrote:
>
>> Re: " but I'd urge an evaluation of the existing technologies and choose
>> one to foster and build upon"
>> -- I strongly disagree!! Whatever we do should be tech-agnostic. Or are
>> you proposing to kill right away whichever company/org doesn't use your
>> "chosen" tech ??
>>
>> I think the idea is to build interop standards: whatever tech you use, we
>> need to be able to exchange data about AuthZ. So start top down instead of
>> bottom up.
>>
>
> That's not what I'm saying. I'm saying that years of effort have already
> gone into building existing policy languages for effecting AuthZ, some of
> them more suited to standardization than others. For example, SQL first
> came out of IBM. And then became standardized. That created a common base
> layer for other tech to grow from.
>
> I agree w/ what Andrew Hughes said in the doc:
>
> DISCUSS: are we going to reconcile the different conceptual underpinnings
> of all the approaches? Seems ambitious.
>
> -Aaron
>
--
[image: This is Alexandre Babeanu's card. Their email is alex at 3edges.com.
Their phone number is +1 604 728 8130.]
<https://hihello.me/p/cda689b1-0378-4b9c-88cf-33a9bc8ef0c5>
--
CONFIDENTIALITY NOTICE: This e-mail message, including any attachments
hereto, is for the sole use of the intended recipient(s) and may contain
confidential and/or proprietary information.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/policy-charter/attachments/20230810/46f4fc0e/attachment.html>
More information about the policy-charter
mailing list