[security-area] [Bounce from Hiro] RE: Update on OGSA Basic Profile Security work

Wed Mar 23 08:26:51 CST 2005

------- start of forwarded message -------
From: "Hiro Kishimoto" <hiro.kishimoto at jp.fujitsu.com>
To: "'Dane Skow'" <dane at fnal.gov>, <security-area at ggf.org>
Cc: "'Ian Foster'" <foster at mcs.anl.gov>,
	"'ogsa-wg'" <ogsa-wg at gridforum.org>
Subject: RE: Update on OGSA Basic Profile Security work
Date: Wed, 23 Mar 2005 16:43:47 +0900
Message-ID: <00e301c52f7c$0c60ae40$63e61fac at ORD>

Thanks Dane for your obliging email,

Certainly OGSA-WG welcomes and requires security experts.
Proposed telecon date is March 30th. If it does not work for=20
you, April 6th is another option. Please let me know your=20
preference.

You can subscribe our mailing list;
https://forge.gridforum.org/projects/sourceforge/document/majordomo_help/=
en/1/ma
jordomo_help.doc
http://www-unix.gridforum.org/mail_archive/ogsa-wg/threads.html

Our Wednesday call is 5-7pm CST. The dial in number is 1-888-452-0308
or 1-484-644-0505 and the pass code is 71815.

You can download the latest basic profile draft from;
https://forge.gridforum.org/projects/ogsa-wg/document/draft-ggf-ogsa-basi=
c-profi
le/en/3

Now we have four open security related issues on this profile;
#1320: Transport and/or Message Level security
          MUST or SHOULD??
#1321: Discovery of key-info for encryption in message level security
          Service Group Profile/ EPR embedding
#1322: Use of Proxy Certificates
          Standard but not widely adopted outside of grid communit
          Time boxed certificates (short lived certs)
#1323: Communication of assertions
          Profiles for common assertions in headers or Proxy Certificate
#1324: Separate Security Basic Profile
          Should we have a separate profile document for security

Basic profile tracker is at;
https://forge.gridforum.org/tracker/index.php?group_id=3D42&atid=3D780

Thanks,
----
Hiro Kishimoto

> -----Original Message-----
> From: Dane Skow [mailto:dane at fnal.gov]
> Sent: Thursday, March 17, 2005 6:03 PM
> To: security-area at ggf.org
> Cc: Ian Foster; Hiro Kishimoto
> Subject: Update on OGSA Basic Profile Security work
>=20
> As Frank mentioned in the Security Area Meeting, the OGSA Basic =
Profile
> is now
> being worked intensely toward conclusion. The Working Group has set a
> goal of
> mid April for resolving all the open issues with the current draft. =
The
> majority of
> the new issues opened this meeting have to do with security. Takuya =
has
> asked for
> a week to allow the interested parties in the Security Area to read =
the
> current draft
> and comment on the current open issues (or raise others). This means
> that interested
> parties will need to engage within the next few days to have maximal
> effectiveness.
> I encourage those interested in OGSA to engage on the Basic Profile =
now.
>=20
>   The response to the question about which use cases from the OGSA use
> case
> document must be supported by the Basic Profile was "all of them".
> However, since
> we will not have a normative spec for WS-Delegation by June, nor do I
> know
> any other credential delegation standard, I suspect there
> was likely a misunderstanding. Takuya will follow up on that question.
>=20
> I believe Hiro and Ian (chairs of OGSA-WG)
> will second me in saying that input on this document from
> security experts is welcomed and requested. The most effective form
> would be for
> people to join the mailing list and attend the relevant phonecons. The
> next most
> effective is to download and read the current drafts and provide
> comments to the list.
>=20
> Frank and Takuya have volunteered to try to alert the area about
> relevant phonecons
> and open issues. However, they will not be able to relay
> comments/discussion with this
> short timeline. Interested parties will have to join them directly to
> keep up with the discussion.
>=20
> Cheers,
> Dane
>=20

------- end of forwarded message -------