[saga-rg] Context inaccuracy
Stephen M Pickles
Stephen.Pickles at manchester.ac.uk
Sun May 7 06:20:37 CDT 2006
X509 proxy certificates are described by RFC 3820,
which has the status of proposed standard.
3820 Internet X.509 Public Key Infrastructure (PKI) Proxy Certificate
Profile. S. Tuecke, V. Welch, D. Engert, L. Pearlman, M. Thompson.
June 2004. (Format: TXT=86374 bytes) (Status: PROPOSED STANDARD)
"standard X509 certificates" are described by RFC 3280,
which has the same status.
3280 Internet X.509 Public Key Infrastructure Certificate and
Certificate Revocation List (CRL) Profile. R. Housley, W. Polk, W.
Ford, D. Solo. April 2002. (Format: TXT=295556 bytes) (Obsoletes
RFC2459) (Updated by RFC4325) (Status: PROPOSED STANDARD)
So I don't agree that proxies aren't standard.
However, I do agree that X509 isn't a good label for a security
context based on Globus certificates. There are other X509-based
security models, e.g. the one employed by UNICORE.
Stephen
PS Do I have to resort to CVS to get the current draft of the
strawman?
> -----Original Message-----
> From: owner-saga-rg at ggf.org [mailto:owner-saga-rg at ggf.org] On
> Behalf Of G.E.POUND at soton.ac.uk
> Sent: 05 May 2006 16:09
> To: Andre Merzky
> Cc: SAGA RG
> Subject: [saga-rg] Context inaccuracy
>
> Andre,
>
> There is an inaccuracy in the contexts described by the strawman. The
> context type 'X509' describes proxy certificates. These are
> not standard
> X509 certificates, therefore this type should be renamed GSI.
>
> Graeme
>
>
>
>
>
>
More information about the saga-rg
mailing list