[OGSA-AUTHZ] Next Telecon

David Chadwick d.w.chadwick at kent.ac.uk
Wed Nov 1 10:02:57 CST 2006 

Alan

I dont think your use case disagrees with what I am suggesting, which is 
on every v-p-i the user says which attribute is to be primary one (or not)

regards

David

Alan Sill wrote:
> 
> On Oct 31, 2006, at 3:59 PM, David Chadwick wrote:
> 
>> Why cant it? I thought the ACs were created on demand for the user and
>> were different for different grid jobs. In which case, when the VOMS
>> server creates the AC for the particular job, it puts the two attributes
>> (primary and all) inside the one AC.
> 
> They're different for every voms-proxy-init, which is basically a 
> grid-proxy-init step that contacts a VOMS server.  Thus they will be 
> different for every issuance of v-p-i but may be the same across jobs.
> 
> A typical use case might be that the user wants to submit to a given 
> VO's resources, does a v-p-i with argument -voms (VO VOMS server) 
> including possibly the assertion of group membership or role, does the 
> submissions, which could be a large number.  May use that VOMS proxy for 
> an extended period of time for multiple operations.  Up[on wanting to 
> switch to a different VO or a different group or role within the VO, 
> does a new voms-proxy-init and gets a new proxy.  repeat as necessary.
> 
> VOMS proxy certs can be extended, destroyed, etc. just as grid proxies.
> 
> Alan Sill, Ph.D
> TIGRE Senior Scientist
> High Performance Computing Center
> TTU
> 
> ====================================================================
> :  Alan Sill, Texas Tech University  Office: Admin 233, MS 4-1167  :
> :  e-mail: Alan.Sill at ttu.edu   ph. 806-742-4350  fax 806-742-4358  :
> ====================================================================
> 
> 
> 

-- 

*****************************************************************
David W. Chadwick, BSc PhD
Professor of Information Systems Security
The Computing Laboratory, University of Kent, Canterbury, CT2 7NF
Skype Name: davidwchadwick
Tel: +44 1227 82 3221
Fax +44 1227 762 811
Mobile: +44 77 96 44 7184
Email: D.W.Chadwick at kent.ac.uk
Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html
Research Web site: http://sec.cs.kent.ac.uk
Entrust key validation string: MLJ9-DU5T-HV8J
PGP Key ID is 0xBC238DE5

*****************************************************************

More information about the ogsa-authz-wg mailing list