[OGSA-AUTHZ] Re: GGF-14 Draft Notes
Von Welch
vwelch at ncsa.uiuc.edu
Thu Aug 18 13:33:46 CDT 2005
This minutes have been posted with the addition of mentioning that
the GGF IP policy was mentioned.
https://forge.gridforum.org/projects/ogsa-authz/document/GGF-14-OGSA-
Authz-Minutes/en/1
Von
On Jul 8, 2005, at 11:01 AM, Von Welch wrote:
>
> Appended are the combined notes from David Chadwick and myself. Please
> send any corrections in the next week and then I will post them.
>
> Thanks.
>
> Von
>
> --
>
> Preliminary Agenda
>
> * Get note taker
>
> * Working group changes - chairs, etc.
>
> * Status of V1 documents: attributes, SAML
>
> * Requirements for V2
>
> 1) Pass operation arguments to PDP to make decisions based on them
> (XACML supports this)
> 2) Pass level of authentication to PDP to make decisions based on
> strength of authentication
> (SAMLv2 supports this)
> 3) Return obligations to PEP
> (XACML supports this)
> 4) ANY MORE???
>
> * Next steps
>
> ----
>
> Von opened the meeting. Agenda was agreed. Changes in WG chairs:
> Andrew and Rebekah have resigned. Von thanked Rebekah and Andrew for
> co-chairing the meeting up to now and welcomed David Chadwick to the
> new co-chair post. Von said he would be stepping down as soon as V1
> docs are finished and a new co-chair had volunteered. See Von or David
> if you are interested.
>
> Agenda Bashing: No major changes
>
> Status of V1 documents:
>
> Attribute document is in hands of GGF Editor, only one known issue
> from Tom Scavo re section 4.2
>
> SAML document will be at end of WG last call at end of week. One
> known issue from Mary Thompson re SAML 2.0 advancement.
>
> David gave a presentation about authorisation architectures in a
> multi-domain environment (see slide show on Gridforge site). It
> considered which components are needed and how the target Source of
> Authority can control everything.
>
> Frank gave a similar presentation but from a different viewpoint. This
> considered asking remote domains (AAs) if they could help in the
> credential validation.
>
>
> Dane and Dave Berry both raised particular scenarios (push and VO
> manager respectively)
>
> Von suggested we need to pick a set of scenarios to constrain the
> problem space.
>
> Frank Siebenlist gave a overview of the Grid Authorization problem
>
> Dane raised the issue that if we have a bunch of security services
> with one network round-trip latency to each, we have a major
> performance problem
>
> Frank: services can be local
>
> Von: specification of local services makes them less technology
> agnostic. We may need to decide how agnostic we want to be.
>
> Final agenda item: Charter Revisions
>
> There was then a discussion about the contents of the revised
> Charter. Von displayed the existing charter.
>
> First two paragraphs of existing charter are OK for the revised
> WG. The third paragraph, which talks about a two phased approach,
> needs to be edited, since we are now in phase 2.
>
> Add ?it will be an authorisation architecture group for OGSA even
> though its output will be aimed at a wider audience than simply OGSA,
> it will encompass the requirements of OGSA.?
>
> Agreed to keep with the OGSA-Authz name for the group.
>
> Output documents
> i. Scenario document. We will provide authorisation for these
> scenarios. The scenarios can be part of the Architecture document.
> ii. Version 2 of the PEP-PDP protocol document.
> iii. Version 1 of the PEP-CVS protocol.
>
>
More information about the ogsa-authz-wg
mailing list