[voms-proc-wg] VOMSPROC WG session and strawman document
Andrea Ceccanti
andrea.ceccanti at cnaf.infn.it
Thu Oct 11 04:39:12 EDT 2012
Hi David,
just a couple of preliminary comments (unfortunately I will not attend
the meeting)
- I've already shared at large my perplexities about having more than
one AC in the VOMS extension.
I think that was a design flaw. There are no use cases. The VOMS AC
format and all documents in preparation
should be updated to address this flaw, as the VOMS libraries are.
- Computing the intersection of a set of attributes coming from several
ACs in the chain poses the problem of
stating how the order of the attributes is computed when is different in
the ACs. The document should address
this, e.g. proposing that the the order of the AC result of the original
user delegation is enforced.
Cheers,
Andrea
Il 10/10/12 21.47, David Groep ha scritto:
> Dear all,
>
> In preparation for the VOMSPROC WG session, the Redmine project for
> the WG has been populated (finally), and the list of documents and the
> agreed rough outline added to the Wiki
>
> http://redmine.ogf.org/projects/voms-proc-wg/wiki
>
> There is also a strawman document for the first work item ("VOMS
> Attribute Certificate Parsing Rules for Chained Identity Credentials")
> which I admit it incomplete (it lacks a description of how today the
> 'primary FQAN' is determined), but at least should have enough
> controversial material in it to trigger discussion.
>
> Please go to the OGF redmine project at
> http://redmine.ogf.org/projects/voms-proc-wg
> and forward this information as relevant. Everyone is welcome to subscribe
> to the mailing list (<http://www.ogf.org/pipermail/voms-proc-wg/>)
> and lets hope we can get this done.
>
> In particular, we will soon need a discussion on the second work item
> regarding SAML delegation and how to interpret effective attributes
> in that context. VOMS can produce SAML statements, but I think the
> issue is slightly wider and would benefit from such wider input.
>
> Hope to see many of you at the VOMSPROC WG session!
>
> Best,
> DavidG.
>
--
INFN-CNAF
---------
Andrea Ceccanti
Via Ranzani 13/2 40127 Bologna, Italy
phone: +39 051 6092845, fax: +39 051 6092916
skype: andreaceccanti
andrea.ceccanti at cnaf.infn.it
More information about the voms-proc-wg
mailing list