[ogsa-wg] RE: Update on OGSA Basic Profile Security work
Hiro Kishimoto
hiro.kishimoto at jp.fujitsu.com
Wed Mar 23 02:05:37 CST 2005
Thanks Dane for your obliging email,
Certainly OGSA-WG welcomes and requires security experts.
Proposed telecon date is March 30th. If it does not work for
you, April 6th is another option. Please let me know your
preference.
You can sub-scribe our mailing list;
https://forge.gridforum.org/projects/sourceforge/document/majordomo_help/en/1/ma
jordomo_help.doc
http://www-unix.gridforum.org/mail_archive/ogsa-wg/threads.html
Our Wednesday call is 5-7pm CST. The dial in number is 1-888-452-0308
or 1-484-644-0505 and the pass code is 71815.
You can download the latest basic profile draft from;
https://forge.gridforum.org/projects/ogsa-wg/document/draft-ggf-ogsa-basic-profi
le/en/3
Now we have four open security related issues on this profile;
#1320: Transport and/or Message Level security
MUST or SHOULD??
#1321: Discovery of key-info for encryption in message level security
Service Group Profile/ EPR embedding
#1322: Use of Proxy Certificates
Standard but not widely adopted outside of grid communit
Time boxed certificates (short lived certs)
#1323: Communication of assertions
Profiles for common assertions in headers or Proxy Certificate
#1324: Separate Security Basic Profile
Should we have a separate profile document for security
Basic profile tracker is at;
https://forge.gridforum.org/tracker/index.php?group_id=42&atid=780
Thanks,
----
Hiro Kishimoto
> -----Original Message-----
> From: Dane Skow [mailto:dane at fnal.gov]
> Sent: Thursday, March 17, 2005 6:03 PM
> To: security-area at ggf.org
> Cc: Ian Foster; Hiro Kishimoto
> Subject: Update on OGSA Basic Profile Security work
>
> As Frank mentioned in the Security Area Meeting, the OGSA Basic Profile
> is now
> being worked intensely toward conclusion. The Working Group has set a
> goal of
> mid April for resolving all the open issues with the current draft. The
> majority of
> the new issues opened this meeting have to do with security. Takuya has
> asked for
> a week to allow the interested parties in the Security Area to read the
> current draft
> and comment on the current open issues (or raise others). This means
> that interested
> parties will need to engage within the next few days to have maximal
> effectiveness.
> I encourage those interested in OGSA to engage on the Basic Profile now.
>
> The response to the question about which use cases from the OGSA use
> case
> document must be supported by the Basic Profile was "all of them".
> However, since
> we will not have a normative spec for WS-Delegation by June, nor do I
> know
> any other credential delegation standard, I suspect there
> was likely a misunderstanding. Takuya will follow up on that question.
>
> I believe Hiro and Ian (chairs of OGSA-WG)
> will second me in saying that input on this document from
> security experts is welcomed and requested. The most effective form
> would be for
> people to join the mailing list and attend the relevant phonecons. The
> next most
> effective is to download and read the current drafts and provide
> comments to the list.
>
> Frank and Takuya have volunteered to try to alert the area about
> relevant phonecons
> and open issues. However, they will not be able to relay
> comments/discussion with this
> short timeline. Interested parties will have to join them directly to
> keep up with the discussion.
>
> Cheers,
> Dane
>
More information about the ogsa-wg
mailing list