[Pgi-wg] OGF PGI - Security - Interoperability in progress between EGEE and OSG (using COPS)
Morris Riedel
m.riedel at fz-juelich.de
Fri Apr 3 08:41:30 CDT 2009
Nice Etienne,
I put you on the agenda to talk a bit about it! ;-)
Take care,
Morris
------------------------------------------------------------
Morris Riedel
SW - Engineer
Distributed Systems and Grid Computing Division
Jülich Supercomputing Centre (JSC)
Forschungszentrum Juelich
Wilhelm-Johnen-Str. 1
D - 52425 Juelich
Germany
Email: m.riedel at fz-juelich.de
Info: http://www.fz-juelich.de/jsc/JSCPeople/riedel
Phone: +49 2461 61 - 3651
Fax: +49 2461 61 - 6656
Skype: MorrisRiedel
"We work to better ourselves, and the rest of humanity"
Sitz der Gesellschaft: Jülich
Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498
Vorsitzende des Aufsichtsrats: MinDirig'in Bärbel Brumme-Bothe
Vorstand: Prof. Dr. Achim Bachem (Vorsitzender),
Dr. Ulrich Krafft (stellv. Vorsitzender)
>------Original Message-----
>-From: pgi-wg-bounces at ogf.org [mailto:pgi-wg-bounces at ogf.org] On Behalf Of
>-Etienne URBAH
>-Sent: Friday, April 03, 2009 3:38 PM
>-To: pgi-wg at ogf.org
>-Cc: edges-na3 at mail.edges-grid.eu; lodygens at lal.in2p3.fr
>-Subject: [Pgi-wg] OGF PGI - Security - Interoperability in progress
between EGEE
>-and OSG (using COPS)
>-
>-To All,
>-
>-
>-My previous today's mail shows that the security work of PGI is now stuck
into
>-irreconcilable incompatibility between :
>-- RFC-3820-compliant X509 certificates and proxies on one part,
>-- GSI-style X509 proxies (which can be delegated) on the other part.
>-
>-
>-But there is some hope : At the last MWSG meeting in Zürich, David
>-GROEP has performed a presentation 'AuthZ Interop report' available at
>-http://indico.cern.ch/materialDisplay.py?contribId=22&sessionId=3&material
Id=slides
>-&confId=52862
>-
>-This presentation describes current work in good progress begun in 2007
>-on security interoperability between OSG and EGEE, with the help of
>-Globus and Condor teams.
>-
>-This work uses the Common Open Policy Service (COPS) model defined in
>-RFC 2748 at http://tools.ietf.org/html/rfc2748
>-
>-COPS defines at least following 2 concepts :
>-- PDP = Policy Decision Point
>-- PEP = Policy Enforcement Point
>-
>-Interoperability is achieved through an AuthZ Interop Profile, based on
>-the SAML v2 profile of XACML v2.
>-
>-There are production deployments in OSG and EGEE.
>-
>-
>-So I suggest that, before reinventing the wheel, we study in detail the
>-above mentioned document, in order to quickly know :
>-- The problems which they are encountering,
>-- The solutions which they are founding,
>-- The interoperable components which they are deploying and which we
>-could reuse,
>-- ...
>-
>-
>-Best regards.
>-
>-----------------------------------
>-Etienne URBAH IN2P3 - LAL
>-Bat 200 91898 ORSAY France
>-Tel: +33 1 64 46 84 87
>-Mob: +33 6 22 30 53 27
>-Skype: etienne.urbah
>-mailto:urbah at lal.in2p3.fr
>-----------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3550 bytes
Desc: not available
Url : http://www.ogf.org/pipermail/pgi-wg/attachments/20090403/863ebf0f/attachment.bin
More information about the Pgi-wg
mailing list