[OGSA-AUTHZ] Next Telecon

Tom Scavo trscavo at gmail.com
Wed Nov 1 08:58:01 CST 2006


On 11/1/06, David Chadwick <d.w.chadwick at kent.ac.uk> wrote:
> Tom Scavo wrote:
>
> > A complete metadata description of the AA will be found in metadata.
> > Admittedly, the location endpoint of the AA is important, but it is
> > not the only piece of metadata of interest.
>
> Actually it is. If you do a complete analysis of the necessary
> interactions and data that is needed, all an AA needs to know is who the
> SP recipient is. All that an SP needs to know is how to contact the AA
> and optionally which attributes to ask for (by default it can ask for
> all of them that it is allowed to have).

In the final analysis, yes, but the Grid SP (taken as a whole) needs
to know 1) what is the preferred IdP of the user, and 2) what AA
endpoint to query.  Before the CVS can determine the latter, the PEP
must supply the former.  So I claim the unique identifier of the IdP
(entityID) must travel from the user to the PEP to the CVS.  Then and
only then can the CVS determine the appropriate endpoint to query.

Tom
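
The lookup argued for in the message above (entityID in, AA endpoint out), as an added example that is not part of the original post or of any project's code. It assumes SAML 2.0 metadata whose signature has already been verified, the SAML 2.0 SOAP binding, and constructed entity names; resolve_aa_endpoint is a hypothetical helper.

```python
import xml.etree.ElementTree as ET

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"
SOAP = "urn:oasis:names:tc:SAML:2.0:bindings:SOAP"  # assumed binding for attribute queries

# Constructed sample, trimmed and not schema-complete: two entities,
# only the first of which publishes an attribute authority.
SAMPLE_METADATA = f"""
<EntitiesDescriptor xmlns="{MD_NS}">
  <EntityDescriptor entityID="https://idp.example.org/shibboleth">
    <AttributeAuthorityDescriptor
        protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
      <AttributeService Binding="urn:example:other-binding"
                        Location="https://idp.example.org/aa/other"/>
      <AttributeService Binding="{SOAP}"
                        Location="https://idp.example.org/aa/soap"/>
    </AttributeAuthorityDescriptor>
  </EntityDescriptor>
  <EntityDescriptor entityID="https://sp.example.net/grid"/>
</EntitiesDescriptor>
"""


def resolve_aa_endpoint(metadata_xml, entity_id, binding=SOAP):
    """Return the AA Location for entity_id, or raise LookupError (fail closed).

    The entityID supplied via the PEP is used only as a lookup key into
    trusted metadata; it is never dereferenced as a URL itself.
    """
    root = ET.fromstring(metadata_xml)
    path = f"{{{MD_NS}}}AttributeAuthorityDescriptor/{{{MD_NS}}}AttributeService"
    for entity in root.iter(f"{{{MD_NS}}}EntityDescriptor"):
        if entity.get("entityID") != entity_id:  # exact string match only
            continue
        for svc in entity.findall(path):
            location = svc.get("Location", "")
            if svc.get("Binding") == binding and location.startswith("https://"):
                return location
        raise LookupError(f"{entity_id}: no usable AttributeService in metadata")
    raise LookupError(f"{entity_id}: not present in trusted metadata")


if __name__ == "__main__":
    print(resolve_aa_endpoint(SAMPLE_METADATA, "https://idp.example.org/shibboleth"))
```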

