[Pgi-wg] Sec: Agreement on SOAP and authentication
Duane Merrill
dgm4d at virginia.edu
Fri Mar 20 08:14:33 CDT 2009
Embedded comments....
2009/3/19 weizhong qiang <weizhongqiang at gmail.com>
>
>
> On Thu, Mar 19, 2009 at 6:27 PM, <m.riedel at fz-juelich.de> wrote:
>
>> Hi,
>>
>> ok let's put it as follows: I meant "proxy-based TLS == GSI" -
>
>
> "proxy-based TLS" could also be normal TLS (only difference it that you
> need to check the delegation chain when verifying; the newer version of
> openssl itself has supported this, or you can also customize the verifying
> process of openssl with older version to support verification of delegation
> chain).
>
Correct.
>
> Of cause GSI is also "proxy-based TLS". But I thinks it is not compatible
> to normal TLS since it use GSIAPI which has some specific protocol.
>
I believe GSI-API is just that, a programming API that conforms to RFC
2744<http://www.faqs.org/rfcs/rfc2744.html> (GSS),
and has no protocol restrictions/changes.
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.ogf.org/pipermail/pgi-wg/attachments/20090320/98c64922/attachment-0001.html
More information about the Pgi-wg
mailing list