[ogsa-wg] "tactical-agreement" (#1321: Key-info discovery for encryption in message level security)
Frank Siebenlist
franks at mcs.anl.gov
Wed Mar 30 12:03:10 CST 2005
#1321: Discovery of key-info for encryption in message level security
Service Group Profile/ EPR embedding
Use cases:
When a client wants to send any encrypted message to a service, it will
have to know the key associated with that service.
When a client wants to make a policy decision whether or not it wants a
certain service to serve its request, it has to know the service's key-info.
Considerations:
We have to assume that WS-I or some other organization will get its act
together in the future to define a standardized profile for the
embedding of the service's key-info in the EPR, and that that profile
will then be supported by all vendors world-wide.
Unfortunately, we cannot expect this to happen on any time scale that
can accommodate our upcoming releases and Grid deployments in the near
future.
In order for our different implementations to talk to each other
securely, we have to have agreements in place about where one party will
put the key-info such that another party can find it.
So we need to have a solution in place "now", no matter what, and we
have to be prepared to change that method to the standardized one once
it becomes available. This means that we will have to implement this (at
least) twice.
But note again that there is no alternative - we have to live with this.
It may be politically better, however, to use words like
"tactical-agreement" instead of "standard" for whatever method we
choose, in order to emphasize that we are committed to follow whatever
comes out of WS-I and friends over time.
Hopefully that would make it easier for some of our partner vendors to
work on a tactical-agreement without stepping on the toes of their
colleagues who work on the concurrent WS-I efforts.
--
Frank Siebenlist franks at mcs.anl.gov
The Globus Alliance - Argonne National Laboratory