Difference between revisions of "10.5.2006 Online Meeting"

(10:40 HBX & ISS (Jan) 30 min)
m (1:45pm IdAS Registry API (Greg Byrd) 15 min)
 
(40 intermediate revisions by 5 users not shown)
Line 5: Line 5:
 
===10:30-10:40 Introductions & Administrivia ===
 
===10:30-10:40 Introductions & Administrivia ===
 
* Get synced up on whatever online conferencing tech we want to use (e.g. to project PPTs, etc).
 
* Get synced up on whatever online conferencing tech we want to use (e.g. to project PPTs, etc).
===10:40 HBX & ISS (Jan) 30 min ===
+
===10:40 HBX & ISS (Jan Camenish) 30 min ===
  
* user interface ideas  (c.f. paper [http://www.zurich.ibm.com/~jca/papers/cssz06.pdf])
+
* Intro: see [[ISS_API]] and [[Higgins_Browser_Extension]]
* requirements; see [[ISS_API]] and [[Higgins_Browser_Extension]]
+
 
* policy language (discussion)
+
* policy language (discussion & collection of requirements). need language to specify token-request,i.e., to specify what information the user needs to supply to get access to some resource. Language format, homegrown, use RDF so that it maps into data model. Similar language to request tokens from issuer. Elements that need to be expressed:
 +
** type of i-card
 +
** attribute
 +
** issuer
 +
** recipient
 +
** in encrypted form (under what key)
 +
** in committed form
 +
** arbitrary statement over attributes (e.g., age < 18)
 +
** logical formulas over terms (AND, OR)
 +
** backing of statement (self-signed, passport checked, .....)
 +
** data handling policy (privacy policy stating things like purpose, retention time etc)
 +
 
 +
* HBX for graphical i-card selection (c.f. paper [http://www.zurich.ibm.com/~jca/papers/cssz06.pdf],demo [http://www.zurich.ibm.com/~jca/papers/cssz06-demo.pdf])
 +
** where do pictures do come from (include in certs?)
 +
** issue with many HBXes..
  
 
===11:10 IdAS (Jim Sermersheim) 40 min ===
 
===11:10 IdAS (Jim Sermersheim) 40 min ===
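Review bot: in the added HBX sub-bullet "** where do pictures do come from (include in certs?)" the second "do" is a stray word. The long added policy-language bullet also runs the requirement statement, the format question ("Language format, homegrown, use RDF") and the issuer-side language together on one line. Splitting these into separate sub-bullets would make it clear whether homegrown and RDF are alternatives or a single choice.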
Line 15: Line 29:
 
** Does it meet out needs? Is it user-friendly?
 
** Does it meet out needs? Is it user-friendly?
 
** Alternate filter [http://forgeftp.novell.com//bandit/HigginsIDASJavadoc/org/eclipse/higgins/idas/IFilter.html interface]
 
** Alternate filter [http://forgeftp.novell.com//bandit/HigginsIDASJavadoc/org/eclipse/higgins/idas/IFilter.html interface]
* Registry
+
** '''Consensus was to proceed with the proposed interfaces.  Concerns:'''
** Status update of outstanding work.
+
*** '''Filter should to be able to query on non-instance (calculated or reasoned) data.'''
** Priority list of what is needed now.
+
*** '''Consider making an interface for comparators.'''
* Provider/Context configuration and policy.
+
* Other IdAS TODOs
** Common examples of config/policy.
+
** [[Idas_Architectural_Todo]]
** Do we want to promote a commol look/feel?
+
*** Provider/Context configuration and policy.
* Nested Providers
+
**** Common examples of config/policy.
** What do we need (APIs and/or config) to achieve this?
+
**** Do we want to promote a commol look/feel?
* Automated build / delivery of downloadables
+
**** Need to pass policy to IContext. We're currently passing as metadata -- does this feel right? Also refer to [http://dev.eclipse.org/mhonarc/lists/higgins-dev/msg00694.html issue]
** People need .jar and javadoc versioned and packaged.
+
**** '''Consensus was to see if it makes sense to pass Context config info at registration time.'''
 +
***** '''Remove IHasMetadata from IContext once we solve the Context configuration issue.  No one can remember why we added this, nor can produce a use case for it.'''
 +
*** Nested Providers
 +
**** What do we need (APIs and/or config) to achieve this?
 +
**** '''Not discussed'''
 +
** [[Idas_Implementation_Todo]]
 +
** [[Idas_Documentation_Todo]]
 
* Unit tests (proposed directory and test structure).
 
* Unit tests (proposed directory and test structure).
* IdAS TODO summary
+
** '''Not discussed'''
  
 
===11:50 LDAP schema (Tom Doman) 20 min ===
 
===11:50 LDAP schema (Tom Doman) 20 min ===
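Review bot: typos ride along in this hunk and are worth fixing while the lines are being touched. The re-indented "Do we want to promote a commol look/feel?" carries "commol" forward, the added "Filter should to be able to query" has a stray "to", and the unchanged "Does it meet out needs?" should read "our". The added "Remove IHasMetadata from IContext" decision also depends on "once we solve the Context configuration issue" without naming who follows up; a pointer to the corresponding entry in Idas_Architectural_Todo would keep it from being lost.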
Line 34: Line 54:
  
 
===12:10 Token Issuer/STS (Mike McIntosh) 40 min ===
 
===12:10 Token Issuer/STS (Mike McIntosh) 40 min ===
 +
 +
* http://www.eclipse.org/higgins/org.eclipse.higgins.docs/sts JavaDoc*
 +
<pre>
 +
How Does an STS Extension get Attribute Values to Place into Claims?
 +
STS @ Subject
 +
Push With RST
 +
Token Exchange - STS Framework creates a DigitalSubject/Context?
 +
Pull From Subject IdAS
 +
Based on DigitalSubject/Context?
 +
STS @ IdP
 +
Push with RST
 +
Token Exchange - STS Framework creates a DigitalSubject/Context?
 +
Pull From Subject IdAS
 +
Based on DigitalSubject/Context?
 +
Pull From IdP IdAS
 +
Based on DigitalSubject/Context?
 +
STS @ RP
 +
Same as STS @ IdP?
 +
</pre>
  
 
===Break (1-1:30pm) 30 min ===
 
===Break (1-1:30pm) 30 min ===
===1:30 IdAS Registry API (Greg Byrd) 15 min===
+
===1:45pm IdAS Registry API (Greg Byrd) 15 min===
 +
* Initial implementation ready, waiting for clearance to commit
 +
* Instantiates IContextFactory objects that are listed in java.security properties file and plugins that extend org.eclipse.higgins.context extension point
 +
* Maps context reference (URI) to factories that can (potentially) instantiate it (i.e., factory.canCreate(uri) is true)
  
=== 1:45 Project Overview (Paul Trevithick) 30 min ===
+
=== 2:00pm Project Overview (Paul Trevithick) 60 min ===
 
* Review of Higgins 1.0 [[Component Inventory]] (where we need to be)
 
* Review of Higgins 1.0 [[Component Inventory]] (where we need to be)
 +
** (Regarding automated build) People need .jar and javadoc versioned and packaged. (Jim added this)
 
* Review [[Milestone 0.6]] (where we'll be at the end of November)
 
* Review [[Milestone 0.6]] (where we'll be at the end of November)
 
* How can we fill in some of the gaps?
 
* How can we fill in some of the gaps?
  
===Higgins & Microsoft/OSP (Mary Ruddy) 20 min ===
+
===3:10pm Higgins & Microsoft/OSP (Mary Ruddy) 20 min ===
* Current status, open issues, next steps
+
* Current status, open issues, next steps WRT Microsoft
 +
* http://wiki.eclipse.org/index.php/Draft_Response_to_Open_Specification_Promise Draft response to the OSP
  
===Higgins & OSIS (Dale Olds) 20 min ===
+
 
 +
Action items:
 +
* Our approach regarding these issues WRT IBM and Sun and Eclipse
 +
* Circulate additional language about detail on import/export
 +
* Circulate additional language about sniffing
 +
* To receive example plug-fest docs for inclusion
 +
* Create link to OSIS, pending sample link
 +
* Add comment at the top about asking for similar promise from other IP providers.
 +
 
 +
===3:30pm Higgins & OSIS (Dale Olds) 20 min ===
 
* http://osis.netmesh.org/wiki/Main_Page
 
* http://osis.netmesh.org/wiki/Main_Page
 
* Identity Commons 2.0: http://wiki.idcommons.net/
 
* Identity Commons 2.0: http://wiki.idcommons.net/
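Review bot: the two added link bullets, "* http://www.eclipse.org/higgins/org.eclipse.higgins.docs/sts JavaDoc*" and the "Draft response to the OSP" one, lack the single square brackets that the labelled external links elsewhere in this diff use (for example the IFilter interface link), so the label will render as trailing plain text; the first also ends in a stray "*". Separately, moving the Registry slot from 1:30 to 1:45pm leaves 1:30 to 1:45 unassigned after a break listed as "1-1:30pm", and the 60 min Project Overview at 2:00pm ends ten minutes before the 3:10pm slot; if these gaps are intentional buffers, say so in the headings.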
Line 57: Line 110:
 
** 7243627#
 
** 7243627#
  
===HBX Service Discovery Proposal (Andy Dale) 20 min ===
+
===4:30pm HBX Service Discovery Proposal (Andy Dale) 20 min ===
 
* How HBX discovers the URL of a/the Higgins service to use
 
* How HBX discovers the URL of a/the Higgins service to use
 
* Leveraging XRI and inames
 
* Leveraging XRI and inames
 
* [http://www.eclipse.org/higgins/documents/HBX-service-discovery.ppt HBX-service-discovery.ppt]
 
* [http://www.eclipse.org/higgins/documents/HBX-service-discovery.ppt HBX-service-discovery.ppt]
 +
 +
===5:00pm end ===
 +
 +
==See Also==
 +
* [[Higgins Wiki]]
 +
* [[Core Components]]

Latest revision as of 20:14, 5 October 2006

Time: 10:30 - 6:30 ET

Rough notes on an agenda; not necessarily in order:

10:30-10:40 Introductions & Administrivia

  • Get synced up on whatever online conferencing tech we want to use (e.g. to project PPTs, etc).

10:40 HBX & ISS (Jan Camenisch) 30 min

  • Policy language (discussion & collection of requirements). We need a language to specify a token request, i.e., to specify what information the user needs to supply to get access to some resource. Language format: homegrown; use RDF so that it maps into the data model. A similar language is needed to request tokens from an issuer. Elements that need to be expressed:
    • type of i-card
    • attribute
    • issuer
    • recipient
    • in encrypted form (under what key)
    • in committed form
    • arbitrary statement over attributes (e.g., age < 18)
    • logical formulas over terms (AND, OR)
    • backing of statement (self-signed, passport checked, ...)
    • data handling policy (privacy policy stating things like purpose, retention time, etc.)
  • HBX for graphical i-card selection (cf. paper http://www.zurich.ibm.com/~jca/papers/cssz06.pdf, demo http://www.zurich.ibm.com/~jca/papers/cssz06-demo.pdf)
    • where do pictures come from (include in certs?)
    • issue with many HBXes...

11:10 IdAS (Jim Sermersheim) 40 min

  • SPARQL (Examine and discuss sample queries).
    • Does it meet our needs? Is it user-friendly?
    • Alternate filter interface
    • Consensus was to proceed with the proposed interfaces. Concerns:
      • Filter should be able to query on non-instance (calculated or reasoned) data.
      • Consider making an interface for comparators.
  • Other IdAS TODOs
    • Idas_Architectural_Todo
      • Provider/Context configuration and policy.
        • Common examples of config/policy.
        • Do we want to promote a common look/feel?
        • Need to pass policy to IContext. We're currently passing it as metadata -- does this feel right? Also refer to issue http://dev.eclipse.org/mhonarc/lists/higgins-dev/msg00694.html
        • Consensus was to see if it makes sense to pass Context config info at registration time.
          • Remove IHasMetadata from IContext once we solve the Context configuration issue. No one can remember why we added this, nor can produce a use case for it.
      • Nested Providers
        • What do we need (APIs and/or config) to achieve this?
        • Not discussed
    • Idas_Implementation_Todo
    • Idas_Documentation_Todo
  • Unit tests (proposed directory and test structure).
    • Not discussed

11:50 LDAP schema (Tom Doman) 20 min

  • Higgins ontology review.
  • Review of Novell's LDAP schema output.
  • Outstanding LDAP issues (Summary).

12:10 Token Issuer/STS (Mike McIntosh) 40 min

How Does an STS Extension get Attribute Values to Place into Claims?
	STS @ Subject
		Push With RST
			Token Exchange - STS Framework creates a DigitalSubject/Context?
		Pull From Subject IdAS
			Based on DigitalSubject/Context?
	STS @ IdP
		Push with RST
			Token Exchange - STS Framework creates a DigitalSubject/Context?
		Pull From Subject IdAS
			Based on DigitalSubject/Context?
		Pull From IdP IdAS
			Based on DigitalSubject/Context?
	STS @ RP
		Same as STS @ IdP?

Break (1-1:30pm) 30 min

1:45pm IdAS Registry API (Greg Byrd) 15 min

  • Initial implementation ready, waiting for clearance to commit
  • Instantiates IContextFactory objects that are listed in the java.security properties file and plugins that extend the org.eclipse.higgins.context extension point
  • Maps context reference (URI) to factories that can (potentially) instantiate it (i.e., factory.canCreate(uri) is true)

2:00pm Project Overview (Paul Trevithick) 60 min

  • Review of Higgins 1.0 Component Inventory (where we need to be)
    • (Regarding automated build) People need .jar and javadoc versioned and packaged. (Jim added this)
  • Review Milestone 0.6 (where we'll be at the end of November)
  • How can we fill in some of the gaps?

3:10pm Higgins & Microsoft/OSP (Mary Ruddy) 20 min


Action items:

  • Our approach regarding these issues WRT IBM and Sun and Eclipse
  • Circulate additional language about detail on import/export
  • Circulate additional language about sniffing
  • To receive example plug-fest docs for inclusion
  • Create link to OSIS, pending sample link
  • Add comment at the top about asking for similar promise from other IP providers.

3:30pm Higgins & OSIS (Dale Olds) 20 min

Higgins & Identity Schemas (Paul Trevithick) 15 min

  • Review http://identityschemas.org
  • Mention who's involved
  • First telephone meeting Friday 2-3pm ET (email joaquin@acm.org for details)
    • 1-620-782-8800 (Kansas)
    • 7243627#

4:30pm HBX Service Discovery Proposal (Andy Dale) 20 min

5:00pm end

See Also
