[caops-wg] Credential Validation Spec
David Chadwick
d.w.chadwick at kent.ac.uk
Thu Feb 1 14:28:41 CST 2007
Hi Alan
the fact that the draft is SAML and WS-Trust oriented is because this
protocol combination was chosen by the EC TrustCoM project as workable.
I am personally not religiously bound to any particular protocol. I
would much prefer a protocol that works and is agreed by everyone,
rather than standing by the current protocol choice.
If we make the service generic enough, it should be able to take a bag
of credentials and return the set of valid attributes (where one or more
of these attributes can be the authenticated names or IDs of the
principal). The CVS will be driven by a policy that provides the rules
for how the validation proceeds. Specifying the policy is not part of
the current charter of the Authz group.
regards
David
Alan Sill wrote:
> Note this document, as David says, is SAML- and WS-Trust oriented. As
> he says, a similar approach could be used for PKI credential evaluation.
>
> The Naples document distributed earlier by Jesus Luna is also relevant
> to this and to the LoA topic.
>
> Alan
>
> On Feb 1, 2007, at 11:18 AM, David Chadwick wrote:
>
>> http://forge.gridforum.org/sf/go/doc9011?nav=1
>
> Alan Sill, Ph.D
> TIGRE Senior Scientist, High Performance Computing Center
> Adjunct Professor of Physics
> TTU
>
> ====================================================================
> : Alan Sill, Texas Tech University Office: Admin 233, MS 4-1167 :
> : e-mail: Alan.Sill at ttu.edu ph. 806-742-4350 fax 806-742-4358 :
> ====================================================================
>
>
>
--
*****************************************************************
David W. Chadwick, BSc PhD
Professor of Information Systems Security
The Computing Laboratory, University of Kent, Canterbury, CT2 7NF
Skype Name: davidwchadwick
Tel: +44 1227 82 3221
Fax +44 1227 762 811
Mobile: +44 77 96 44 7184
Email: D.W.Chadwick at kent.ac.uk
Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html
Research Web site: http://sec.cs.kent.ac.uk
Entrust key validation string: MLJ9-DU5T-HV8J
PGP Key ID is 0xBC238DE5
*****************************************************************
More information about the caops-wg
mailing list