[OGSA-AUTHZ] Vincenzo's VOMS document?
David Chadwick
d.w.chadwick at kent.ac.uk
Mon Apr 24 10:07:56 CDT 2006
Olle Mulmo wrote:
>
> All,
>
> I'm curious as to Vincenzo's informational write-up on VOMS, submitted
> to the group on February 13.
>
> VOMS is used in a number of production grids today. It is the basis for
> interoperating authorization in the GIN effort. Having a solid write-up
> on its internals and semantics would most certainly be welcome.
>
> Question: how should this be handled? I can see it go multiple ways:
>
> 1. The document goes into public comment as an individual submission
> more or less as is
> 2. This group makes a round of editing on it first and then do a 2- week
> last call on the list before the public comment
> 3. This group includes the document it in the revised charter as
> another deliverable
>
> While the current document seems rather complete, I include 3. as an
> option anyhow as there are additional things to think of: for instance,
> a SAML wrapping of the attributes instead of/in addition to the current
> X.509 attribute certificate format. If we want such a thing (and I
> think we do), this would in turn advocate for a separation between the
> definition and the semantics of the attributes, and the
> packaging/delivery mechanisms of those attributes.
this is clearly a good thing to do, since Shibboleth for example can
then be used to carry the same attributes.
I am happy to add the doc to the charter if that is what the group want
David
>
> Regards,
>
> /Olle
>
>
--
*****************************************************************
David W. Chadwick, BSc PhD
Professor of Information Systems Security
The Computing Laboratory, University of Kent, Canterbury, CT2 7NF
Tel: +44 1227 82 3221
Fax +44 1227 762 811
Mobile: +44 77 96 44 7184
Email: D.W.Chadwick at kent.ac.uk
Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html
Research Web site: http://sec.cs.kent.ac.uk
Entrust key validation string: MLJ9-DU5T-HV8J
PGP Key ID is 0xBC238DE5
*****************************************************************
More information about the ogsa-authz-wg
mailing list