[caops-wg] Draft minutes from CAOPS Session on 16.10
Christos Kanellopoulos
skanct at grid.auth.gr
Mon Oct 22 06:03:34 CDT 2007
Thanks David,
I had already marked that action as completed. I will reflect this
also in the minutes.
-C.
On 22 Οκτ 2007, at 12:43 ΜΜ, David Chadwick wrote:
> Hi Christos
>
> I actually did send the X.501 substree specification to the list
> whilst the meeting was still active, so the notes should reflect
> that I did this during the meeting, rather than saying that I still
> have to do it after the meeting
>
> regards
>
> David
>
>
> Christos Kanellopoulos wrote:
>> Dear all,
>> Find below a draft version of the minutes from the CAOPS session
>> on 16.10.2007. Please review them and send any comment to the
>> list. On Wednesday 23.10.2007 I will upload it on GridForge.
>> -C.
>> CAOPS Session OGF 21 16.10.2007
>> -------------------------------------
>> Note Takers: Licia Florio, Christos Kanellopoulos
>> -------------------------------------
>> David Groep: Grid Certificate Profile
>> .....................................
>> x The document has finished the public comment period as of
>> October 8.
>> A1: David Groep to send email to the CAOPS mailing list with
>> answers to the comments
>> A2: Christos Kanellopoulos to test IE7 with CA certificate that
>> has been reissued
>> A3: By Nov 6 a new version of the document should be available
>> that will address all the comments. There is going to be one week
>> afterwards for group comments and then it will be pushed to the
>> editor's queue.
>> Yoshio Tanaka: Audit Document
>> ..............................
>> x New version of the document was uploaded to GridForge
>> - Christos Kanellopoulos: The document should provide a generic
>> framework for performing audits on Grid IdPs. We should remove any
>> statements on the preferred answers for each question in the document
>> - Mike Helm: This look very much like the spreadsheet that is
>> being used within TAGPMA for CA accreditation.
>> A4: Mike Helm to send the spreadsheet template at the CAOPS
>> mailing lists
>> A5: By end of November a new version of the document should be
>> ready. Christos Kanellopoulos to help with the editing.
>> David Groep: Name Constraints
>> ..............................
>> x Still waiting for the replies from the people at OGF 20 CAOPS
>> session
>> x The implementation details will be stripped off from the
>> document and it will be focused on the requirements for providing
>> namespace constraints at the policy lave.
>> - David Chadwick: What we want to achieve with this document can
>> be found in the initial X.509 specs that got completely twisted
>> around '97. This is expected to be changed in the new versions of
>> the X.509 document
>> - David Chadwick: Wild-card matching, as it is expressed in the
>> document, did not exist in the X.500 specs. Subtree matching was
>> part of the specs though
>> - David Groep: We've added wild-card matching exactly to perform
>> subtree matching
>> A6: David Chadwick to send details at the CAOPS mailing list
>> A7: David Groep to update the document with reference to the
>> documents that David Chadwick will (if and where necessary)
>> - Rachana Ananthakrishna: Globus will implement Namespace policies
>> within 2008 Q1. Going to use the current policy language
>> - David Groep: suggested that Globus eliminates the 1024 char
>> limitation.
>> A8: New version of the document by late December
>> Mike Helm: OCSP Requirements for Grids
>> ......................................
>> x The document was derailed from its initial scope during its
>> development in the past two years.
>> x We should revisit the document focusing on the Trusted Responder
>> concept.
>> x There is a lot of useful information within the document that
>> could be used in future documents.
>> x There is some work done in IETF that supersedes the document.
>> However it is worth to look at Trusted Responder. Seems like the
>> current trend is to use CRLs or short-lived certificates.
>> - Mike Helm: Users seem to be happy with the current CRL solution.
>> Even when they face problems, they prefer to (over) engineer
>> around them.
>> - Rachana Ananthakrishna: In order for Globus to start working on
>> an implementation, they need to have specific requirements from
>> the users
>> A9: Mike Helm: New draft document by early January
>> ---------------------------------------------------------------------
>> ---
>> --
>> caops-wg mailing list
>> caops-wg at ogf.org
>> http://www.ogf.org/mailman/listinfo/caops-wg
>
> --
>
> *****************************************************************
> David W. Chadwick, BSc PhD
> Professor of Information Systems Security
> The Computing Laboratory, University of Kent, Canterbury, CT2 7NF
> Skype Name: davidwchadwick
> Tel: +44 1227 82 3221
> Fax +44 1227 762 811
> Mobile: +44 77 96 44 7184
> Email: D.W.Chadwick at kent.ac.uk
> Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html
> Research Web site: http://www.cs.kent.ac.uk/research/groups/iss/
> index.html
> Entrust key validation string: MLJ9-DU5T-HV8J
> PGP Key ID is 0xBC238DE5
>
> *****************************************************************
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3088 bytes
Desc: not available
Url : http://www.ogf.org/pipermail/caops-wg/attachments/20071022/324882d4/attachment.bin
More information about the caops-wg
mailing list