Dear all, The OGF19 will start tomorrow. As in the recent GGF/OGFs, we will have one regular CAOPs session and one IGTF session, both sessions are scheduled on Thursday (Feb. 1) morning. Here is a draft agenda of the IGTF session: ------------------------------------------------------------ - Short updates from regional PMAs - APGrid PMA (Yoshio) - EUGrid PMA (David) - TAGPMA (Darcy) - IGTF Key Registry and TACAR (Yoshio, Mike, Licia) - Authentication Profiles - Member Integrated Credential Services (TBD) - Portal-based credential services (Yoshio) - AOB ------------------------------------------------------------ Suggestions for the agenda are welcome. I would like to note that the schedule on the OGF web site (as of 28th, Sun 11pm UTC) has been changed as below: IGTF session: 9:00am - 10:30am Feb. 1 (Thu) CAOPs session: 11:00am - 12:30am Feb. 1 (Thu) This change has been confirmed by the Security AD and the OGF web site is expected to be updated shortly. -- Yoshio Tanaka (yoshio.tanaka@aist.go.jp) http://ninf.apgrid.org/ http://www.apgridpma.org/
- Authentication Profiles - Member Integrated Credential Services (TBD) - Portal-based credential services (Yoshio) - AOB
If time permits we should be prepared to talk about (1) what exactly are host / service certificates? what are we certifying? what do relying parties think they are getting? (2) levels of assurance (LoA) in certs (what qualities RP's need in certs, and how to group those qualities) I notice there's an LoA BOF elsewhere in sched. so perhaps some interaction can take place. I don't think I will have anything to show (at least nothing that I haven't had for TAGPMA or EUGridPMA) but we can at least make the discussion open to people who don't go to the PMA meetings. (3) Attribute authorization services, VOMS, and Grid identity CAs I see this as part of the (1) topic, but the service concept itself is so important that it seems to need particular attention. (I don't think there is a completely coherent summary of this - a grid usage paradigm would focus on VOMS - assisted proxy certs, with some contents in the proxy cert consisting of attributes signed by an attribute authority, which at the moment is the host key of the VOMS service.) Thanks, ==mwh Michael Helm ESnet/LBNL
Mike Helm wrote:
(2) levels of assurance (LoA) in certs (what qualities RP's need in certs, and how to group those qualities) I notice there's an LoA BOF elsewhere in sched. so perhaps some interaction can take place.
Dear all, In the last months we have been working along with Valentina Casola and Massimiliano Rak (researchers from the "University of Naples" and the "Second University of Naples", respectively) in the topic of quantitatively evaluating Certificate Policies from Grid-PKIs, as a mechanism to enhance the Grid-OCSP Validation Infrastructure proposed by our University in Barcelona. I've attached our first paper on this topic, this one has been accepted for the ARES conference to take place next April in Vienna. If there is time on the agenda, we'd be glad to comment our work as it may be related with the LoA proposal mentioned by Mike. Best regards and hope to read from you soon. PS: We could be also able to talk a little about the OCSP document... PS2: Because of copyrights stuff, could please keep the distribution of the attached paper restricted to CAOPS and IGTF lists? -- <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><> o o o Jesus Luna Garcia | Polytechnic University of Catalonia o o o PhD Student | Department of Computer Architecture o o o phone: +34 93 401 7187 | Campus Nord. www.ac.upc.es U P C fax: +34 93 401 7055 | C/Jordi Girona 1-3, Modul D6-116 E-mail: jluna@ac.upc.es | Barcelona 08034 SPAIN <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
participants (3)
-
Jesus Luna -
Mike Helm -
Yoshio Tanaka