[OGSA-AUTHZ] Vincenzo's VOMS document?
Frank Siebenlist
franks at mcs.anl.gov
Mon Apr 24 11:49:28 CDT 2006
The document is great as is and seems to require few changes before
acceptance.
If we can easily add it to the charter as a deliverable that would have
my vote.
-Frank.
David Chadwick wrote:
>
>
> Olle Mulmo wrote:
>>
>> All,
>>
>> I'm curious as to Vincenzo's informational write-up on VOMS,
>> submitted to the group on February 13.
>>
>> VOMS is used in a number of production grids today. It is the basis
>> for interoperating authorization in the GIN effort. Having a solid
>> write-up on its internals and semantics would most certainly be welcome.
>>
>> Question: how should this be handled? I can see it go multiple ways:
>>
>> 1. The document goes into public comment as an individual submission
>> more or less as is
>> 2. This group makes a round of editing on it first and then do a 2-
>> week last call on the list before the public comment
>> 3. This group includes the document it in the revised charter as
>> another deliverable
>>
>> While the current document seems rather complete, I include 3. as an
>> option anyhow as there are additional things to think of: for
>> instance, a SAML wrapping of the attributes instead of/in addition
>> to the current X.509 attribute certificate format. If we want such
>> a thing (and I think we do), this would in turn advocate for a
>> separation between the definition and the semantics of the
>> attributes, and the packaging/delivery mechanisms of those attributes.
>
> this is clearly a good thing to do, since Shibboleth for example can
> then be used to carry the same attributes.
>
> I am happy to add the doc to the charter if that is what the group want
>
> David
>
>>
>> Regards,
>>
>> /Olle
>>
>>
>
--
Frank Siebenlist franks at mcs.anl.gov
The Globus Alliance - Argonne National Laboratory
More information about the ogsa-authz-wg
mailing list