[caops-wg] Draft minutes from CAOPS Session on 16.10

Christos Kanellopoulos skanct at grid.auth.gr
Mon Oct 22 06:03:34 CDT 2007 

Thanks David,

I had already marked that action as completed. I will reflect this  
also in the minutes.

-C.

On 22 Οκτ 2007, at 12:43 ΜΜ, David Chadwick wrote:

> Hi Christos
>
> I actually did send the X.501 substree specification to the list  
> whilst the meeting was still active, so the notes should reflect  
> that I did this during the meeting, rather than saying that I still  
> have to do it after the meeting
>
> regards
>
> David
>
>
> Christos Kanellopoulos wrote:
>> Dear all,
>>   Find below a draft version of the minutes from the CAOPS session  
>> on 16.10.2007. Please review them and send any comment to the  
>> list. On Wednesday 23.10.2007 I will upload it on GridForge.
>> -C.
>> CAOPS Session OGF 21 16.10.2007
>> -------------------------------------
>> Note Takers: Licia Florio, Christos Kanellopoulos
>> -------------------------------------
>> David Groep: Grid Certificate Profile
>> .....................................
>> x The document has finished the public comment period as of  
>> October 8.
>> A1: David Groep to send email to the CAOPS mailing list with  
>> answers to the comments
>> A2: Christos Kanellopoulos to test IE7 with CA certificate that  
>> has been reissued
>> A3: By Nov 6 a new version of the document should be available  
>> that will address all the comments. There is going to be one week  
>> afterwards for group comments and then it will be pushed to the  
>> editor's queue.
>> Yoshio Tanaka: Audit Document
>> ..............................
>> x New version of the document was uploaded to GridForge
>> - Christos Kanellopoulos: The document should provide a generic  
>> framework for performing audits on Grid IdPs. We should remove any  
>> statements on the preferred answers for each question in the document
>> - Mike Helm: This look very much like the spreadsheet that is  
>> being used within TAGPMA for CA accreditation.
>> A4: Mike Helm to send the spreadsheet template at the CAOPS  
>> mailing lists
>> A5: By end of November a new version of the document should be  
>> ready. Christos Kanellopoulos to help with the editing.
>> David Groep: Name Constraints
>> ..............................
>> x Still waiting for the replies from the people at OGF 20 CAOPS  
>> session
>> x The implementation details will be stripped off from the  
>> document and it will be focused on the requirements for providing  
>> namespace constraints at the policy lave.
>> - David Chadwick: What we want to achieve with this document can  
>> be found in the initial X.509 specs that got completely twisted  
>> around '97. This is expected to be changed in the new versions of  
>> the X.509 document
>> - David Chadwick: Wild-card matching, as it is expressed in the  
>> document, did not exist in the X.500 specs. Subtree matching was  
>> part of the specs though
>> - David Groep: We've added wild-card matching exactly to perform  
>> subtree matching
>> A6: David Chadwick to send details at the CAOPS mailing list
>> A7: David Groep to update the document with reference to the  
>> documents that David Chadwick will (if and where necessary)
>> - Rachana Ananthakrishna: Globus will implement Namespace policies  
>> within 2008 Q1. Going to use the current policy language
>> - David Groep: suggested that Globus eliminates the 1024 char  
>> limitation.
>> A8: New version of the document by late December
>> Mike Helm: OCSP Requirements for Grids
>> ......................................
>> x The document was derailed from its initial scope during its  
>> development in the past two years.
>> x We should revisit the document focusing on the Trusted Responder  
>> concept.
>> x There is a lot of useful information within the document that  
>> could be used in future documents.
>> x There is some work done in IETF that supersedes the document.  
>> However it is worth to look at Trusted Responder. Seems like the  
>> current trend is to use CRLs or short-lived certificates.
>> - Mike Helm: Users seem to be happy with the current CRL solution.  
>> Even when they face problems, they prefer to (over) engineer  
>> around them.
>> - Rachana Ananthakrishna: In order for Globus to start working on  
>> an implementation, they need to have specific requirements from  
>> the users
>> A9: Mike Helm: New draft document by early January
>> --------------------------------------------------------------------- 
>> ---
>> --
>>   caops-wg mailing list
>>   caops-wg at ogf.org
>>   http://www.ogf.org/mailman/listinfo/caops-wg
>
> -- 
>
> *****************************************************************
> David W. Chadwick, BSc PhD
> Professor of Information Systems Security
> The Computing Laboratory, University of Kent, Canterbury, CT2 7NF
> Skype Name: davidwchadwick
> Tel: +44 1227 82 3221
> Fax +44 1227 762 811
> Mobile: +44 77 96 44 7184
> Email: D.W.Chadwick at kent.ac.uk
> Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html
> Research Web site: http://www.cs.kent.ac.uk/research/groups/iss/ 
> index.html
> Entrust key validation string: MLJ9-DU5T-HV8J
> PGP Key ID is 0xBC238DE5
>
> *****************************************************************
>




-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3088 bytes
Desc: not available
Url : http://www.ogf.org/pipermail/caops-wg/attachments/20071022/324882d4/attachment.bin

More information about the caops-wg mailing list