[saga-rg] Context inaccuracy

Andre Merzky andre at merzky.net
Mon May 8 06:56:29 CDT 2006 

Hi, 

Quoting [Stephen M Pickles] (May 07 2006):
> 
> X509 proxy certificates are described by RFC 3820,
> which has the status of proposed standard.
> 
> 3820 Internet X.509 Public Key Infrastructure (PKI) Proxy Certificate
>      Profile. S. Tuecke, V. Welch, D. Engert, L. Pearlman, M. Thompson.
>      June 2004. (Format: TXT=86374 bytes) (Status: PROPOSED STANDARD)
> 
> "standard X509 certificates" are described by RFC 3280,
> which has the same status.
> 
> 3280 Internet X.509 Public Key Infrastructure Certificate and
>      Certificate Revocation List (CRL) Profile. R. Housley, W. Polk, W.
>      Ford, D. Solo. April 2002. (Format: TXT=295556 bytes) (Obsoletes
>      RFC2459) (Updated by RFC4325) (Status: PROPOSED STANDARD)
> 
> So I don't agree that proxies aren't standard.
> 
> However, I do agree that X509 isn't a good label for a security
> context based on Globus certificates. There are other X509-based
> security models, e.g. the one employed by UNICORE.

I also think that GSI (or even GlobusCert) is a more
appropriate name - even if X509 was less general in
definition and usage.

> 
> Stephen
> 
> PS Do I have to resort to CVS to get the current draft of the
> strawman?

The other way is to ask nicely on this list :-D
I attach the current version.  It is in editing, and parts
are currently in tex, others in plain text.  Sorry for that.

In general though: yes, CVS is the preferred method.

Cheers, Andre.


> 
> 
> > -----Original Message-----
> > From: owner-saga-rg at ggf.org [mailto:owner-saga-rg at ggf.org] On 
> > Behalf Of G.E.POUND at soton.ac.uk
> > Sent: 05 May 2006 16:09
> > To: Andre Merzky
> > Cc: SAGA RG
> > Subject: [saga-rg] Context inaccuracy
> > 
> > Andre,
> > 
> > There is an inaccuracy in the contexts described by the strawman. The
> > context type 'X509' describes proxy certificates. These are 
> > not standard
> > X509 certificates, therefore this type should be renamed GSI.
> > 
> > Graeme
> > 
> > 
> > 
> > 
> > 
> >



-- 
"So much time, so little to do..."  -- Garfield
-------------- next part --------------
A non-text attachment was scrubbed...
Name: strawman-api.pdf
Type: application/pdf
Size: 258493 bytes
Desc: not available
Url : http://www.ogf.org/pipermail/saga-rg/attachments/20060508/1ece433f/attachment-0003.pdf

More information about the saga-rg mailing list