[ogsa-wg] Proposed agenda for Sept. 28th call

Takuya Mori moritaku at bx.jp.nec.com
Wed Sep 27 12:04:50 CDT 2006 

Hi all,

> 3) Security Profile final review (Takuya, 60 min)
>          Takuya will revise two security profiles before the call.

I uploaded the two profles.

OGSA Basic Security Profile 1.0 - Core:
https://forge.gridforum.org/sf/docman/do/downloadDocument/projects.ogsa-wg/docman.root.working_drafts.security_profile_1_0/doc13561/11

OGSA Security Profile 1.0 - Secure Channel:
https://forge.gridforum.org/sf/docman/do/downloadDocument/projects.ogsa-wg/docman.root.working_drafts.security_profile_1_0/doc13560/21

>  > From Sept. 7 call
>    AI-0907b: Takuya will search for an external reliable source of
>              strong (or deprecated) ciphers to reference.

The followoing document will be a reliable source for recommended 
ciphersuites.

Guidelines for the Selection and Use of Transport Layer Security (TLS) 
Implementations, National Institute of Standards and Technology, June 2005. 
http://csrc.nist.gov/publications/nistpubs/800-52/SP800-52.pdf

There are some other sources available, but these only provides with
recommended algorithm primitives.

For example: 
EU: NESSIE, "Portfolio of recommended cryptographic primitives", 2003. 
https://www.cosic.esat.kuleuven.ac.be/nessie/deliverables/decision-final.pdf

Japan: MIC and METI, "Recommended cipher list for e-Government", 2003.
http://www.soumu.go.jp/joho_tsusin/security/pdf/cryptrec_01.pdf
(Japanese)

Ciphersuites are combinations of four algorithm primitives, so these
two lists itself are insufficient as source of recommended ciphersuites.

We could also define our own recommended ciphersuites based on the
algorithm primitives listed in the EU and Japanese documents above
as well as the NIST guideline document, but I think just refering to
the NIST gudeline document is enough for our purpose.

Thanks in advance,
Takuya

>    AI-0907c: Andreas will revise the explanatory text and send the new
>               version to Takuya.
>    AI-0907d: Takuya will update the documents and issue a final call
>               on the list. (Probably during GGF18.)
> 
>  > From Aug. 31 call
>    AI-0831e: (A Savva) Talk to ACS working group for refining this
>                scenario.
>    AI-0831f: (A Savvva) Research RNS and probably update the EMS Arch
>                Scenarios document
> 
>  > From Aug. 17 call
>    AI-0817a: Dave Berry and Jay Unger will approach groups (GIN,
>               Globus, etc) that have implemented practical grids and
>               start a discussion on how they handle data:
>               - how data is treated as a resource that can be scheduled
>               - how transfers are modeled
>               - how files are advertised
>               - how applications find files (query, by knowledge,?)
>               (Due Oct. 9)
> 
>  > From Aug. 3 call
>    AI-0803e: Jun will provide an example of the CDL mechanism and why
>               using ID/IDREF is not a good idea.
>    AI-0803f: Jun will update the CDL document to remove the Environment
>               variables
> 
>  > From July 20 F2F
> - EGR-WG (Ravi) will contact Geoffrey Fox and invites him to
>       contribute use cases.
> - Andreas to go through the minutes and formulate a reply mail to
>       Geoffrey on each artifact covered in these minutes.
> ----
> Hiro Kishimoto
> 
> 
> --
>   ogsa-wg mailing list
>   ogsa-wg at ogf.org
>   http://www.ogf.org/mailman/listinfo/ogsa-wg
>

More information about the ogsa-wg mailing list