[Pgi-wg] Discussion about elements/priorities in the field of security

Duane Merrill dgm4d at virginia.edu
Fri Mar 20 09:33:11 CDT 2009


> Yes. However the "bearer" style is not so inviable, while we cannot look
> at it with the same security guarantee as "holder-of-key". And it is the
> easiest way to implement.


"Guarantee" is the operative word here.  There are likely to be
organizational (if not legal) obligations to be protected from simple
conspiracy attacks.


>> Thus we arrive at two scenarios: ACs-via-SSL-authn and
>> SAML-via-SOAP-authn.  Confidentiality and integrity provided in both cases
>> by SSL/TLS, of course.
>
> I think if "SAML-via-SOAP-authn" is compliant with the WS-Security SAML profile,
> then SSL/TLS (between the client and the service to which this client sends
> the SOAP message with protection from the SAML Token) can be optional since
> "SAML-via-SOAP-authn" has already provided independent message-level
> authentication.


Yes, the peer identity obtained from the SSL handshake is [intended to
be] disregarded in favor of the (perhaps multiple) identities and attributes
authenticated at the SOAP level.  But there seems to be strong political
pressure to use transport-level (as opposed to message-level) encryption in
the majority of grid usage scenarios, almost to the point where it's easier
to say "we should always use it".  We could consider downgrading to
"client-anonymous" TLS/SSL for this "SAML-via-SOAP-authn" compliance target.

-Duane
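The bearer versus holder-of-key distinction discussed in this thread, shown as a relying-party acceptance check. This is an added illustration, not code from the PGI-WG or any OGF project; the assertions are constructed and unsigned, the hypothetical presenter_key stands for the key the client proved possession of (e.g. via its TLS client certificate), and signature validation is assumed to have already happened.

```python
import xml.etree.ElementTree as ET

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
DS_NS = "http://www.w3.org/2000/09/xmldsig#"
NS = {"saml": SAML_NS, "ds": DS_NS}
BEARER = "urn:oasis:names:tc:SAML:2.0:cm:bearer"
HOLDER_OF_KEY = "urn:oasis:names:tc:SAML:2.0:cm:holder-of-key"


def _assertion(method, key_name=None):
    """Build a constructed (unsigned) SAML 2.0 assertion for the demo."""
    key_info = (f'<ds:KeyInfo xmlns:ds="{DS_NS}"><ds:KeyName>{key_name}'
                '</ds:KeyName></ds:KeyInfo>') if key_name else ""
    return (f'<saml:Assertion xmlns:saml="{SAML_NS}" ID="_demo" Version="2.0">'
            '<saml:Subject><saml:NameID>alice@example.org</saml:NameID>'
            f'<saml:SubjectConfirmation Method="{method}">'
            f'<saml:SubjectConfirmationData>{key_info}</saml:SubjectConfirmationData>'
            '</saml:SubjectConfirmation></saml:Subject></saml:Assertion>')


BEARER_TOKEN = _assertion(BEARER)                                  # constructed
HOK_TOKEN = _assertion(HOLDER_OF_KEY, key_name="CN=alice-client-cert")  # constructed


def accept_token(assertion_xml, presenter_key, allow_bearer=False):
    """Decide whether the presenter of an assertion may act as its subject.

    presenter_key: hypothetical name of the key the presenter proved possession
    of (e.g. the TLS client certificate); None under client-anonymous TLS.
    Returns (accepted, reason)."""
    root = ET.fromstring(assertion_xml)
    for sc in root.findall("saml:Subject/saml:SubjectConfirmation", NS):
        method = sc.get("Method")
        if method == HOLDER_OF_KEY:
            # Proof of possession: the presenter must hold a key named in the token,
            # so a copied token is useless without that key.
            bound = {k.text for k in sc.findall(".//ds:KeyName", NS)}
            if presenter_key is not None and presenter_key in bound:
                return True, "holder-of-key confirmed"
            return False, "holder-of-key: presenter did not prove the bound key"
        if method == BEARER:
            # Possession of the token is the only proof; whoever holds it can use it,
            # which is why the relying party must decide by policy whether to accept it.
            if allow_bearer:
                return True, "bearer accepted by policy"
            return False, "bearer not accepted by policy"
    return False, "no usable SubjectConfirmation"
```

Note that under client-anonymous TLS presenter_key is None, so a holder-of-key token cannot be confirmed at all; only bearer tokens remain usable in that configuration.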