[OGSA-AUTHZ] OGSA-Authz-WG draft meeting minutes: OGF Jan 29 session
Tom Scavo
trscavo at gmail.com
Mon Jan 29 14:19:51 CST 2007
Pointer included below.
On 1/29/07, Von Welch <vwelch at ncsa.uiuc.edu> wrote:
>
> Draft notes from today's OGSA-Authz WG meeting. Please send
> corrections or addition. In particular there were protocols referred
> to at a couple of points that need exact identification, which are
> marked with "XXX".
>
> Von
>
> ----
>
> * Preamble
> David brought meeting to order
> Circulated OGF IP sign-in sheet
> Von volunteers to scribe
>
> * Telecon Update
>
> Decision: Once every two months, we will take one of the OGSA-WG
> phone call slots to report to the larger community. Next date will be
> March 8th.
>
> Decision: Telecon dates
> February 13th
> March 7th
> April 3rd
> April 23rd
>
> * Functional Components Doc
> Latest version is Oct 24th version
> Outstanding issue: implications of carrying attributes and
> credentials within the same protocol or within different protocols
> [XXX pointer?]
> Outstanding issue: Id vs URL issued raised by Tom Scavo [XXX pointer?]
http://www.ogf.org/pipermail/ogsa-authz-wg/2006-November/000242.html
> Doc should then be ready for WG final call and progression to AD
>
> * Protocol Doc Updates
> Described 3 protocol
> 1) PEP-Context Handler: no profile proposed. Maybe the same as
> protocol #3 if credential equivalent to attributes.
> 2) Context Handler-CVS: WS-Trust profile, to be written.
> 3) Context Handler-PDP: proposal XACML request/response protocol
> proposed [Question raised regarding exactly which protocol is being
> referred to here. Concerns from Nate that this has been deprecated.
> XXX pointer?]
>
> * Takuyi Mori presentation on NAREGI Authz Service and NAREGI XACML
> profile
> Slides will be sent to the email list
> SAML 2.0 and XACML 2.0 based
> Uses GT authz framework
> Profile between Authz service client (in GT4) and Authz CVS
> Handles VOMS AC's and passes to Authz service
> Presented mapping of attributes from X.509 EEC/VOMS AC into XACML
> Resource Attribute Filtering Mechanism (RAFM) - Reference properties,
> XACML profile has Subject, Resource and Action attributes
>
> * VOMS profile
> Discussed on Oct 16 telecon - minutes on list
> Meaning of the primary type must be explicit rather than implicit (as
> currently done via sequence)
> Awaiting response from VOMS group
>
> * Attribute Retrieval Protocol
> Added as last meeting
> OASIS profile for SAML - Tom Scavo author
>
> * Von Welch resignation as WG chair
> Those who are interesting in replacing Von should send email to David
>
> * Other business
> Tom Scavo: Do we need mechanism to bind SAML to X.509 (equivalent to
> VOMS)?
> David: 2005 X.509 has specification for binding XML to X.509, but
> doesn't specify XML content
> Tom Scavo to investigate how these relate.
> David: VOMS may be moving to a SAML in some way, need to understand
> this.
>
>
> --
> ogsa-authz-wg mailing list
> ogsa-authz-wg at ogf.org
> http://www.ogf.org/mailman/listinfo/ogsa-authz-wg
>
More information about the ogsa-authz-wg
mailing list