[ogsa-wg] Proposed agenda for Sept. 28th call
Hiro Kishimoto
hiro.kishimoto at jp.fujitsu.com
Wed Sep 27 23:42:59 CDT 2006
Hi Takuya,
> We could also define our own recommended ciphersuites based on the
> algorithm primitives listed in the EU and Japanese documents above
> as well as the NIST guideline document, but I think just refering to
> the NIST gudeline document is enough for our purpose.
I agree since this reference is *informative* (not normative).
Thanks,
----
Hiro Kishimoto
Takuya Mori wrote:
> Hi all,
>
>> 3) Security Profile final review (Takuya, 60 min)
>> Takuya will revise two security profiles before the call.
>
> I uploaded the two profles.
>
> OGSA Basic Security Profile 1.0 - Core:
> https://forge.gridforum.org/sf/docman/do/downloadDocument/projects.ogsa-wg/docman.root.working_drafts.security_profile_1_0/doc13561/11
>
> OGSA Security Profile 1.0 - Secure Channel:
> https://forge.gridforum.org/sf/docman/do/downloadDocument/projects.ogsa-wg/docman.root.working_drafts.security_profile_1_0/doc13560/21
>
>> > From Sept. 7 call
>> AI-0907b: Takuya will search for an external reliable source of
>> strong (or deprecated) ciphers to reference.
>
> The followoing document will be a reliable source for recommended
> ciphersuites.
>
> Guidelines for the Selection and Use of Transport Layer Security (TLS)
> Implementations, National Institute of Standards and Technology, June 2005.
> http://csrc.nist.gov/publications/nistpubs/800-52/SP800-52.pdf
>
> There are some other sources available, but these only provides with
> recommended algorithm primitives.
>
> For example:
> EU: NESSIE, "Portfolio of recommended cryptographic primitives", 2003.
> https://www.cosic.esat.kuleuven.ac.be/nessie/deliverables/decision-final.pdf
>
> Japan: MIC and METI, "Recommended cipher list for e-Government", 2003.
> http://www.soumu.go.jp/joho_tsusin/security/pdf/cryptrec_01.pdf
> (Japanese)
>
> Ciphersuites are combinations of four algorithm primitives, so these
> two lists itself are insufficient as source of recommended ciphersuites.
>
> We could also define our own recommended ciphersuites based on the
> algorithm primitives listed in the EU and Japanese documents above
> as well as the NIST guideline document, but I think just refering to
> the NIST gudeline document is enough for our purpose.
>
> Thanks in advance,
> Takuya
>
>> AI-0907c: Andreas will revise the explanatory text and send the new
>> version to Takuya.
>> AI-0907d: Takuya will update the documents and issue a final call
>> on the list. (Probably during GGF18.)
>>
>> > From Aug. 31 call
>> AI-0831e: (A Savva) Talk to ACS working group for refining this
>> scenario.
>> AI-0831f: (A Savvva) Research RNS and probably update the EMS Arch
>> Scenarios document
>>
>> > From Aug. 17 call
>> AI-0817a: Dave Berry and Jay Unger will approach groups (GIN,
>> Globus, etc) that have implemented practical grids and
>> start a discussion on how they handle data:
>> - how data is treated as a resource that can be scheduled
>> - how transfers are modeled
>> - how files are advertised
>> - how applications find files (query, by knowledge,?)
>> (Due Oct. 9)
>>
>> > From Aug. 3 call
>> AI-0803e: Jun will provide an example of the CDL mechanism and why
>> using ID/IDREF is not a good idea.
>> AI-0803f: Jun will update the CDL document to remove the Environment
>> variables
>>
>> > From July 20 F2F
>> - EGR-WG (Ravi) will contact Geoffrey Fox and invites him to
>> contribute use cases.
>> - Andreas to go through the minutes and formulate a reply mail to
>> Geoffrey on each artifact covered in these minutes.
>> ----
>> Hiro Kishimoto
>>
>>
>> --
>> ogsa-wg mailing list
>> ogsa-wg at ogf.org
>> http://www.ogf.org/mailman/listinfo/ogsa-wg
>>
>
>
More information about the ogsa-wg
mailing list