See also: IRC log
<scribe> scribe: rigo
<scribe> scribenick: rigo
Hi Ashok
<Ashok> Hi Rigo, Good Morning!
for me it's already 2pm :)
<Ashok> Ah! You are in Europe!
<scribe> scribenick:tlr
<scribe> agenda: http://www.w3.org/Policy/pling/wiki/2008-06-11
tlr: Can Jan S give us an update on the Identity camp?
janS: policies and preferences, let's have a tempest
marco: http://www.w3.org/Policy/pling/wiki/Main_Page
... any updates recently?
Ashok: I've added some stuff on
Ws-Policy
... pease note that it's a personal point of view, you might
wish to object against it ...
marco: Want to say what it is?
ashok: What I put in there is
stuff that WS-Policy doesn't say ...
... the spec says how you can write policy ...
... but not how to use them ...
... questions about how ws-policy ought to be used ...
... some interest in W3C work on WS-Policy usage ...
... not yet entirely clear whether and where that might happen
...
... will provide updates ....
<rigo> http://www.w3.org/Policy/pling/wiki/OpenIssues
<scribe> ACTION: Marco to drive discussion about making recent changes visible? [recorded in http://www.w3.org/2008/06/11-pling-minutes.html#action01]
<rigo> http://www.w3.org/Policy/pling/wiki/index.php?title=Special:Recentchanges&days=14
<rigo> for latest changes
marco: Added two pages as
summary, to add some stuff about PRIME privacy-aware
policies
... I will add some more about obligation policies ...
... anything else?
marco: I'm aware of some discussion re JTC1 SC27 WG 5?
jans: Happy to give some overview
of what happened there recently
... Kai R, Manfred ?? and myself from Primelife
... had some discussions about a standard proposed by ITU-T
...
... going into a final state ...
... X.IDMRequirements ...
... came out of FG IdM ...
... data flow model, definitional work ...
... heavy ISO discussion about that ...
... but ITU-T not too happy about these comments ....
... argument is that reducing IDM to basically one model of
identity flow ...
... talking about having the IDP talk to the RP directly
...
... isn't very privacy friendly ...
... and there are systems out there that take different
approaches ...
... getting some political momentum toward the end of the Kyoto
meeting ...
... relatively harsh liaison statement to ITU-T ...
... but ITU-T said they couldn't take it into account, since
there had been a liaison before ...
marco: what'll happen next?
jans: There will be some more
comments; not sure whether they'll be taken into account
... talked to German rep to ITU-T, not clear whether they'll
get it done in time for end of year ...
... within ISO, there's ongoing work on Identity framework and
privacy architecture ...
... this is out there ...
... ??
... Think a liaison statement should have gone out to PLING
giving an overview that WG5 is working on, so useful to look
at
... if I think there's anything that's in scope here, I'll keep
you updated ...
rigo: Have you sent that liaison
statement?
... I actually think we still have to write the request letter
...
jan: We actually didn't pass
anything in this direction
... probably a good idea to request liaison with formal
statement, briefly describing pling ...
... mistakenly thought it was already established ...
rigo: on my plate
jan: Please do statement before September, that's the next meeting where it could be approved.
marco: Anything else on the first point. Otherwise, updates on primelife?
rigo: oh, yes, primelife
update
... first deliverable finished, might be interested.
... it's a list of standards and descriptions ...
... some management stuff to be sorted out ...
tlr: I think the deliverable is intended to be public, so should come up some time soon; Contributing it to pling is another question
marco: liberty -- working on
identity assurance, some of that relates to privacy
... might have deeper look and report during next meeting
...
... on picos... don't think anybody here is involved with that
directly ...
... but I'd be happy to invite somebody relevant from HP labs
to give an update and let them talk about potential links in
terms of use cases and policies ...
... I fear they might also need some specific authorization
...
marco: 24/25 October
... updates on that?
rigo: what we have to do now (and
on the next meeting) ...
... is start thinking about how many people will come, have to
get the room and all that ..
... set up agenda so we can attract other people ...
... and actually, also set up and encourage people to attend
...
... location is very nice ...
... all kinds of good reasons to go there ...
... would love to get a really interesting agenda together
...
... talking about issues we're facing in research projects, and
how they relate to existing standards ...
... talk about what Ashok mentioned; WS-Policy enables
negotiation, but how do you combine that with sticky policies
...
... how can we group the industry to generate sufficient
intereest ...
... these kinds of discussions ...
... what are the challenges we should focus on ...
... for the moment we can discuss use cases or interesting
cases ...
... have a bunch, but don't get around to putting them into the
wiki ...
marco: anything else we should be aware of?
marco: Was anybody here at that meeting?
silence
rigo: If we're still on course,
extension would be granted
... had a short charter, so it's expiring on 30 June at this
point ...
... think it makes sense to continue given PrimeLife and PICOS,
and interest in WS-POlicy ...
... would like to have commitments from chair candidates
...
... Ashok, is Oracle still supporting?
ashok: I'm still interested in working with you guys
rigo: That's what I mean.
marco: Does anybody else have something new?
JanS: some effort to start
momentum toward German OpenID foundation ...
... attended that session, dealt out business cards ...
... in case they're doing anything relevant to privacy
...
... they're not the ones to drive OpenId standard forward
...
... some interesting presentations on the new basic right that
emerged in Germany ...
... some discussion with Caspar Bowden, who was alarmed by some
moves within European Parliament ...
... to narrow down scope of personal data dramatically
...
... not too much that really overlaps with work here ...
... good gathering of community ...
... good thing to continuously do and get going ...
... a lot of people were interested in getting some IDM going
..
... but still looking for the killer app ...
... trying to find ways how to get it going ...
... pointed them to some activities; might be a case for some
enterprise IDM stuff ...
... overall, think it was quite a good event ...
... hope to see this to continue soon ...
marco: Was does "openID in Germany" really mean?
janS: it's some people from
Germany that have a specific interest in OpenID because they
think it's a good protocol ...
... interest in being involved, pushing it into the market
...
... join forces to facilitate that approach ...
... promotion, use cases, ...
marco: impact on policies in the long term; currently, very blurry
jans: some people think OpenID
might be interesting for credentials, but it currently seems to
have flaws that make it unsuitable for secure credential
exchange
... suspect that MS could include OpenID with their metasystem
...
... have heard that there are some implementations for
Shibboleth, Liberty 2.0 tries to include both ...
... talked to caspar bowden about anonymous credential
standardization
... don't think there should be expectations that anything
might happen too soon ...
... ms and ibm might need to sort out somep oints ...
... there could be interest in fast-tracking a common standard
somewhere ...
marco: expect assertions to carry
more and more information ...
... infocard; also, more and more assertions in liberty
...
... will impact back-en policies ...
... ws-policy ...
... use cases where change of credentials occurs within complex
interactions ...
... in context with access control policies, and so on
...
... could be interesting discussion ...
... anything else?
jans: some people said they'd like to see the same language used for preferences and policies ...
<rigo> here comes the supermarket
jans: but Rigo noted serious
implications that would not allow for same language ...
... don't think we'll finish that one today ...
ashok: did you mention there was a paper on this?
jan: not specifically on this; it's a paper that we're preparing as a deliverable within PrimeLife; one paragraph was raising this question
ashok: There has been a lot of
discussion on this ...
... lots of people think this is an important requirement
...
... but nobody has come up with a framework or solution
...
... that's where we are on this ...
... that's why if you have a paper on this, I'd like to read it
...
jans: no paper yet, but if it's
reasonable, then need to move ahead
... instead of halting it right away ...
ashok: What we require is a good
idea
... how to do it ...
jans: will report back after that meeting
<rigo> tlr: think rigo's statement sounded about lesson about P3P WG
<rigo> ...in that case I believe that P3P could not be used without pain to describe preferences
<rigo> ...but what about description of permissible operations, this might work for both
<rigo> ...have been playing around with this 2 years ago
<rigo> ...modelled some subset of P3P in OWL and could use a description logic reasoner to come to conclusions
http://www.adambarth.com/papers/2005/barth-mitchell.pdf
http://www.adambarth.com/papers/2004/barth-mitchell-rosenstein.pdf
here we go... http://www.w3.org/2005/06/toy-p3p/
rigo: supermarket issue!
... it is one thing whether you can have a policy language that
you show to a third party
... what you might do, or whether it's about what you will
follow ...
... may be possible, especially giving thomas's idea re
permissible uses and rules ...
... when p3p came up, we had no useful rule framework ...
... use of owl or rif
... it is one thing whether you can use plain P3P to implement
preferences
... implementing appel was possible, but also a challenge; led
to weird rsults ...
marco: remember all this
discussion ...
... think real-world examples would be useful
marco: There will be a PRIME
closing event in Leuven on 21 July
... it's co-located with PET symposium ...
rigo: will be on the closing event, but not on symposium ...
none
marco: The next meeting is exepcted for 9 July
tlr: possible regrets from tlr and rigo
adjourned