[ogsa-wg] [update] OGSA Security Profile 1.0 - Secure Channel
Marty Humphrey
humphrey at cs.virginia.edu
Tue Dec 12 15:46:42 CST 2006
The text that is new in Section 3 has the same problem that Von Welch
(correctly) identified with the previous version:
The document references the "Basic-Security-Profile"
in section 3.2.1. I was confused at first as to whether this
was the OGSA BSP or the WS-I BSP. I suggest this usage include
the full title of the document being referenced.
Here's one example of the text that needs to be clarified:
" Note that while section 4.2 of the Basic Security Profile 1.0 mandates,
recommends, and discourages support for certain ciphersuites, the Basic
Security Profile 1.0 does not prohibit use of any specific ciphersuite.
While section 3.3, 3.4 and 3.5 of the Profile prohibits certain
ciphersuites, the Profile does not prohibit use of any specific ciphersuite
other than those."
Instead of writing "Basic Security Profile 1.0", can't you write "WS-I Basic
Security Profile 1.0"? And instead of "Profile", can't you write "OGSA
Security Profile 1.0 - Secure Channel"? (If indeed this is what you mean).
And please change it in ALL places in the text, not just this single line.
More broadly, I'm not sure what makes THIS one (the "secure channel") *NOT*
a "BASIC Profile", while "core" is a "BASIC" profile. They're both optional
to OGSA services, so arguably "BASIC" should be removed from the title of
"core" as well. Stated differently, I question the logic of referring to
something that addresses the fringe concept of "key information binding to
an endpoint reference" as "BASIC" and referring to something that
essentially just talks about TLS/SSL as apparently *NOT* "BASIC".
-- Marty
-----Original Message-----
From: ogsa-wg-bounces at ogf.org [mailto:ogsa-wg-bounces at ogf.org] On Behalf Of
Takuya Mori
Sent: Tuesday, December 05, 2006 6:07 AM
To: ogsa-wg at ogf.org
Subject: [ogsa-wg] [update] OGSA Security Profile 1.0 - Secure Channel
Dear All,
I have updated the SP - SC document as we discussed in the Nov 27
conference call, and I think it's ready for FINAL CALL.
Please have a look through the document.
Any comments are welcomed.
The updated version of the profile is available on GridForge.
OGSA Security Profile 1.0 - Secure Channel:
https://forge.gridforum.org/sf/docman/do/downloadDocument/projects.ogsa-wg/d
ocman.root.working_drafts.security_profile_1_0/doc13560/23
Changes:
- accepted all the change trackers
- updated the acknowledgement section
- updated the extensibility points since those of the extended
profile had been updated
- added a sentence on the extensibility points E009 and E011
- updated Table 6
- a number of changes, mainly gramatical errors
Best regards,
Takuya
----
Takuya Mori
moritaku at bx.jp.nec.com / tk-mori at isd.nec.co.jp
System Platform Software Development Division
NEC Corporation, Tokyo Japan
--
ogsa-wg mailing list
ogsa-wg at ogf.org
http://www.ogf.org/mailman/listinfo/ogsa-wg
More information about the ogsa-wg
mailing list