[Pgi-wg] Sec: Agreement on SOAP and authentication
m.riedel at fz-juelich.de
m.riedel at fz-juelich.de
Fri Mar 20 09:18:19 CDT 2009
Hi,
>- I think Weizhong means implmentation of GSIAPI like one from Globus which does have
>- own communication protocol incompatible with TLS.
And I guess this is where all the misunderstandings comming from related to PGI_GSI or 'proxy-based TLS' :-)
Take care,
Morris
--------------------------------------------------------------------------------
Morris Riedel
SW - Engineer
Distributed Systems and Grid Computing Division
Central Institute of Applied Mathematics
Research Centre Juelich
Wilhelm-Johnen-Str. 1
D - 52425 Juelich
Germany
Email: m.riedel at fz-juelich.de
Info: http://www.fz-juelich.de/zam/ZAMPeople/riedel
Phone: +49 2461 61 - 3651
Fax: +49 2461 61 - 6656
Skype: MorrisRiedel
'We work to improve ourselves and the rest of mankind.'
----- Original Message -----
From: Aleksandr Konstantinov <aleksandr.konstantinov at fys.uio.no>
Date: Friday, March 20, 2009 2:22 pm
Subject: Re: [Pgi-wg] Sec: Agreement on SOAP and authentication
> On Friday 20 March 2009 15:14, Duane Merrill wrote:
> > Embedded comments....
> >
> > 2009/3/19 weizhong qiang <weizhongqiang at gmail.com>
> >
> > >
> > >
> > > On Thu, Mar 19, 2009 at 6:27 PM, <m.riedel at fz-juelich.de> wrote:
> > >
> > >> Hi,
> > >>
> > >> ok let's put it as follows: I meant "proxy-based TLS == GSI"
> -
> > >
> > >
> > > "proxy-based TLS" could also be normal TLS (only difference it
> that you
> > > need to check the delegation chain when verifying; the newer
> version of
> > > openssl itself has supported this, or you can also customize
> the verifying
> > > process of openssl with older version to support verification
> of delegation
> > > chain).
> > >
> >
> > Correct.
> >
> >
> > >
> > > Of cause GSI is also "proxy-based TLS". But I thinks it is not
> compatible> > to normal TLS since it use GSIAPI which has some
> specific protocol.
> > >
> >
> >
> > I believe GSI-API is just that, a programming API that conforms
> to RFC
> > 2744<" target="l">http://www.faqs.org/rfcs/rfc2744.html> (GSS),
> > and has no protocol restrictions/changes.
>
> I think Weizhong means implmentation of GSIAPI like one from
> Globus which does have
> own communication protocol incompatible with TLS.
>
>
> A.K.
> _______________________________________________
> Pgi-wg mailing list
> Pgi-wg at ogf.org
> http://www.ogf.org/mailman/listinfo/pgi-wg
>
-------------------------------------------------------------------
-------------------------------------------------------------------
Forschungszentrum Juelich GmbH
52425 Juelich
Sitz der Gesellschaft: Juelich
Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498
Vorsitzende des Aufsichtsrats: MinDir'in Baerbel Brumme-Bothe
Geschaeftsfuehrung: Prof. Dr. Achim Bachem (Vorsitzender),
Dr. Ulrich Krafft (stellv. Vorsitzender), Prof. Dr. Harald Bolt,
Dr. Sebastian M. Schmidt
-------------------------------------------------------------------
-------------------------------------------------------------------
More information about the Pgi-wg
mailing list