[Pgi-wg] Genesis II Security - Trust Anchor(s)

Etienne URBAH urbah at lal.in2p3.fr
Wed Sep 22 05:00:26 CDT 2010 

Bernd,

Concerning the issue of which CAs are trusted by which infrastructure :

I have carefully read again the "focus and scope" of OGF PGI.  You are 
right, it does NOT mention operational policies such as the one above.

So, members of OGF PGI are free to ignore this issue.

But I feel that this issue is a potential blocking point for practical 
interoperation, so a more appropriate audience for this issue is perhaps 
OGF GIN-CG.

Best regards.

-----------------------------------------------------
Etienne URBAH         LAL, Univ Paris-Sud, IN2P3/CNRS
                       Bat 200   91898 ORSAY    France
Tel: +33 1 64 46 84 87      Skype: etienne.urbah
Mob: +33 6 22 30 53 27      mailto:urbah at lal.in2p3.fr
-----------------------------------------------------


On Tue, 21/09/2010 23:10, Bernd Schuller wrote:
> hi Etienne, PGI,
>
> is it an aim of PGI-WG to discuss operational policies such as which CAs
> are trusted by which infrastructure? The group's "focus and scope" at
> <http://forge.gridforum.org/sf/projects/pgi-wg>  does not mention this.
>
> Up to now, I assumed PGI is about defining and/or profiling
> specifications for compute, data, etc, and *not* about operational
> issues in specific existing or future infrastructures? Is this no longer
> the case?
>
> Thanks for any clarification on this question,
> Bernd.
>
> On Di, 2010-09-21 at 21:07 +0200, Etienne URBAH wrote:
>> Duane and Andrew,
>>
>> I have carefully read the document 'Genesis-II Security Implementation'
>> at http://forge.gridforum.org/sf/go/doc15435?nav=1
>>
>> Basic interoperation between different grid infrastructures require to
>> establish mutual trust and common processes.
>>
>> Currently, Security Policies for EGI are proposed by EGI SPG 'Security
>> Policy Group' at https://wiki.egi.eu/wiki/SPG
>> In particular, 'Approval of Certification Authorities' at
>> https://documents.egi.eu/public/ShowDocument?docid=83 defines that the
>> Trust Anchor is IGTF http://www.igtf.net/
>>
>> In order to permit basic interoperation between EGI and infrastructures
>> using Genesis II, members of EGI SPG need to have precise information on
>> Trust Anchor and Security Process used by grid infrastructures using
>> Genesis II.
>> [...]
>>
>> -----------------------------------------------------
>> Etienne URBAH         LAL, Univ Paris-Sud, IN2P3/CNRS
>>                         Bat 200   91898 ORSAY    France
>> Tel: +33 1 64 46 84 87      Skype: etienne.urbah
>> Mob: +33 6 22 30 53 27      mailto:urbah at lal.in2p3.fr
>> -----------------------------------------------------
>>
> --
> Dr. Bernd Schuller
> Distributed Systems and Grid Computing
> Juelich Supercomputing Centre, http://www.fz-juelich.de/jsc
> Phone: +49 246161-8736 (fax -8556)
> Personal blog: www.jroller.com/page/gridhaus
>
>
> ------------------------------------------------------------------------------------------------
> ------------------------------------------------------------------------------------------------
> Forschungszentrum Juelich GmbH
> 52425 Juelich
> Sitz der Gesellschaft: Juelich
> Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498
> Vorsitzender des Aufsichtsrats: MinDirig Dr. Karl Eugen Huthmacher
> Geschaeftsfuehrung: Prof. Dr. Achim Bachem (Vorsitzender),
> Dr. Ulrich Krafft (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt,
> Prof. Dr. Sebastian M. Schmidt
> ------------------------------------------------------------------------------------------------
> ------------------------------------------------------------------------------------------------

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5073 bytes
Desc: S/MIME Cryptographic Signature
Url : http://www.ogf.org/pipermail/pgi-wg/attachments/20100922/88d0614a/attachment.bin

More information about the Pgi-wg mailing list