[Id-delegation-bof] Progress

Paul Millar paul.millar at desy.de
Thu Jan 19 08:03:10 EST 2012


Hi Mike, Jens,

On Thursday 11 August 2011 15:41:29 Mike Jones wrote:
> Are we any closer to forming this group?

Apologies, again, for the rather lengthy delay.

I've developed a first draft of a possible charter for the group.  I've not 
been involved with forming an OGF group before, so your experiences are 
invaluable.

Could you have a look and see if it seems reasonable?

Cheers,

Paul.

---

Charter for XXXX
Date XXXX

Group Abbreviation:
XXXX
Group Name:
Delegation
Area:
Security

Group Leadership:

XXX Chair
XXX Chair

Group Summary:

The <name/> group explores issues related to identity delegation,
a process where a remote agent obtains credentials from some agent
that allow the remote agent to identify that operations are conducted
on behalf of the first agent.


Charter Focus/Purpose and Scope:

There are two main purposes of the group.

First, to collect the experience of parties that have already
established methods of supporting identity delegation.

Second, to explore commonality between these methods and decide
whether there is sufficient commonality between these approaches to
identify some common aspect that may be codified.

This report may trigger further work in establishing a common standard
that others may adopt; however, such work will be the responsibility
of a subsequent group.


Exit Strategy:

The group will finish its work after collecting input from interesting
parties and reporting on the possibility for establishing a common
standard.


Goals/Deliverables:

One or more documents describing existing delegation systems.

A report describing whether or not commonality exists and advising
whether establishing a group to devise some common activity is
desirable.


Seven Questions:

1. Is the scope of the proposed group sufficiently focused?

Yes.  The group is focused on exploring issues related to X509
certificates and how such credentials may be delegated to an agent to
allow that agent to work on behalf of the delegator.

The main focus will be on capturing information about existing
implementations and establishing whether a common approach is feasible
and desirable.


2. Are the topics that the group plans to address clear and relevant
   for the Grid research, development, industrial, implementation,
   and/or application user community?

Yes. The activity of delegation is rather simple and direct.  The
technique of delegation has widespread application on any distributed
system that requires third-party involvement without implicit trust.


3. Will the formation of the group foster (consensus-based) work that
   would not be done otherwise?

Yes, there are several organisations that are currently working in
isolation.  By establishing this group, these organisations will have
a forum to share ideas and establish a common concept of delegation.


4. Do the group's activities overlap inappropriately with those of
   another OGF group or to a group active in another organization such
   as IETF or W3C?

There is no other OGF group that has direct impact on delegation and
such an activity is currently not being worked on by IETF and W3C.


5. Are there sufficient interest and expertise in the group's topic,
   with at least several people willing to expend the effort that is
   likely to produce significant results over time?

There is interest from the European Middleware Initiative Project
(EMI), the Initiative for Globus in Europe and the International
Virtual Observatory Alliance (IVOA).  Additionally, others within the
OGF Security area have expressed interest in the topic.


6. Does a base of interested consumers (e.g., application developers,
   Grid system implementers, industry partners, end-users) appear to
   exist for the planned work?

Yes. There are existing users of delegation that have adopted bespoke
solutions; examples include Globus and EMI with their respective
user bases.  These different areas have adopted incompatible
approaches.


7. Does the OGF have a reasonable role to play in the determination of
   the technology?

Yes. The current situation is one where no standard approach exists.
This lack of a standard means that there is no interoperability between
different software stacks.  In addition, for some bespoke solutions,
multiple implementations of the same protocol do not exist.





