Today was the first day of the Cloud Identity Summit in Keystone, Colorado. The quality of the workshops and value of the interaction with other industry experts was only outdone by the breathtaking views of the mountains surrounding the conference hall. To give you a small idea of what it was like, here are some highlights from Gerry Gebel's workshop on XACML:
- Version 3 of the spec will probably be released by the end of this year.
- The new delegation model makes XACML especially pertinent to SaaS providers.
- Gerry and Doron Grinstein, the CEO of BiTKOO, did not know of any production installations that use a PEP from one vendor and a PDP from another.
- There's a new profile looming called the XACML Intellectual Control Profile (IPC) which is being shepherded through OASIS by Boeing.
- BiTKOO is on the verge of open sourcing a PDP and a PEP. (No details given.)
- Gerry didn't think the XACML technical committee was interested in defining the transport mechanism used by the different actors in the architecture, and everyone in the room seemed (from what I could sense) that the spec had limited value until they did.
- Patrick Harding, CTO of Ping Identity, thought that the standardization of the client-side API used in PEPs would help speed adoption as was the case w/ LDAP.