Initial Authentication Mechanism Discovery Wiki Page
Hey all, I've added an initial description of how authentication mechanisms can be discovered. It uses our already defined query interface so is merely but an extension to this feature of OCCI. http://forge.ogf.org/sf/wiki/do/viewPage/projects.occi-wg/wiki/AuthMechDisco Andy ------------------------------------------------------------- Intel Ireland Limited (Branch) Collinstown Industrial Park, Leixlip, County Kildare, Ireland Registered Number: E902934 This e-mail and any attachments may contain confidential material for the sole use of the intended recipient(s). Any review or distribution by others is strictly prohibited. If you are not the intended recipient, please contact the sender and delete all copies.
Hey there, this seems to be very much tailored to the HTTP rendering. If it is supposed to be, then fine. Otherwise (from a core perspective), this won't ever fly. Best, Alexander Am 05.10.2010 um 22:36 schrieb Edmonds, AndrewX:
Hey all, I've added an initial description of how authentication mechanisms can be discovered. It uses our already defined query interface so is merely but an extension to this feature of OCCI.
http://forge.ogf.org/sf/wiki/do/viewPage/projects.occi-wg/wiki/AuthMechDisco
Andy <smime.p7s><ATT00001..txt><ATT00002..txt>
I guess what's misleading are the examples - very much HTTP specific given the mechanisms are typically used over a HTTP transport. -----Original Message----- From: alexander.papaspyrou@tu-dortmund.de [mailto:alexander.papaspyrou@tu-dortmund.de] Sent: Wednesday, October 06, 2010 9:38 AM To: Edmonds, AndrewX Cc: occi-wg@ogf.org Subject: Re: [occi-wg] Initial Authentication Mechanism Discovery Wiki Page Hey there, this seems to be very much tailored to the HTTP rendering. If it is supposed to be, then fine. Otherwise (from a core perspective), this won't ever fly. Best, Alexander Am 05.10.2010 um 22:36 schrieb Edmonds, AndrewX:
Hey all, I've added an initial description of how authentication mechanisms can be discovered. It uses our already defined query interface so is merely but an extension to this feature of OCCI.
http://forge.ogf.org/sf/wiki/do/viewPage/projects.occi-wg/wiki/AuthMechDisco
Andy <smime.p7s><ATT00001..txt><ATT00002..txt>
------------------------------------------------------------- Intel Ireland Limited (Branch) Collinstown Industrial Park, Leixlip, County Kildare, Ireland Registered Number: E902934 This e-mail and any attachments may contain confidential material for the sole use of the intended recipient(s). Any review or distribution by others is strictly prohibited. If you are not the intended recipient, please contact the sender and delete all copies.
Hi, It looks good. There seems to be a reference to openid and oauth. Both of these schemes require the exchange of information in the form of html documents. We currently do not have a mapping of html for authentication or authorization in the occi header scheme. We should limit to http 1.1 supported authentication. gary On 10/5/2010 2:36 PM, Edmonds, AndrewX wrote:
Hey all, I've added an initial description of how authentication mechanisms can be discovered. It uses our already defined query interface so is merely but an extension to this feature of OCCI.
http://forge.ogf.org/sf/wiki/do/viewPage/projects.occi-wg/wiki/AuthMechDisco
Andy
------------------------------------------------------------- Intel Ireland Limited (Branch) Collinstown Industrial Park, Leixlip, County Kildare, Ireland Registered Number: E902934
This e-mail and any attachments may contain confidential material for the sole use of the intended recipient(s). Any review or distribution by others is strictly prohibited. If you are not the intended recipient, please contact the sender and delete all copies.
_______________________________________________ occi-wg mailing list occi-wg@ogf.org http://www.ogf.org/mailman/listinfo/occi-wg
I'd agree to Gary. core should only state something like "security is an important thing, blah blah" and leave the all the gore (no pun intended) to renderings. -Alexander Am 07.10.2010 um 08:52 schrieb Gary Mazz:
Hi,
It looks good.
There seems to be a reference to openid and oauth. Both of these schemes require the exchange of information in the form of html documents. We currently do not have a mapping of html for authentication or authorization in the occi header scheme. We should limit to http 1.1 supported authentication.
gary
On 10/5/2010 2:36 PM, Edmonds, AndrewX wrote:
Hey all, I've added an initial description of how authentication mechanisms can be discovered. It uses our already defined query interface so is merely but an extension to this feature of OCCI.
http://forge.ogf.org/sf/wiki/do/viewPage/projects.occi-wg/wiki/AuthMechDisco
Andy
------------------------------------------------------------- Intel Ireland Limited (Branch) Collinstown Industrial Park, Leixlip, County Kildare, Ireland Registered Number: E902934
This e-mail and any attachments may contain confidential material for the sole use of the intended recipient(s). Any review or distribution by others is strictly prohibited. If you are not the intended recipient, please contact the sender and delete all copies.
_______________________________________________ occi-wg mailing list
occi-wg@ogf.org http://www.ogf.org/mailman/listinfo/occi-wg
<ATT00001..txt>
What still needs to be relayed in core is a) security is important b) OCCI exposes a general means through the query interface to discover authentication mechanisms Andy On 7 Oct 2010, at 09:42, "alexander.papaspyrou@tu-dortmund.de" <alexander.papaspyrou@tu-dortmund.de> wrote:
I'd agree to Gary. core should only state something like "security is an important thing, blah blah" and leave the all the gore (no pun intended) to renderings.
-Alexander
Am 07.10.2010 um 08:52 schrieb Gary Mazz:
Hi,
It looks good.
There seems to be a reference to openid and oauth. Both of these schemes require the exchange of information in the form of html documents. We currently do not have a mapping of html for authentication or authorization in the occi header scheme. We should limit to http 1.1 supported authentication.
gary
On 10/5/2010 2:36 PM, Edmonds, AndrewX wrote:
Hey all, I've added an initial description of how authentication mechanisms can be discovered. It uses our already defined query interface so is merely but an extension to this feature of OCCI.
http://forge.ogf.org/sf/wiki/do/viewPage/projects.occi-wg/wiki/AuthMechDisco
Andy
------------------------------------------------------------- Intel Ireland Limited (Branch) Collinstown Industrial Park, Leixlip, County Kildare, Ireland Registered Number: E902934
This e-mail and any attachments may contain confidential material for the sole use of the intended recipient(s). Any review or distribution by others is strictly prohibited. If you are not the intended recipient, please contact the sender and delete all copies.
_______________________________________________ occi-wg mailing list
occi-wg@ogf.org http://www.ogf.org/mailman/listinfo/occi-wg
<ATT00001..txt>
_______________________________________________ occi-wg mailing list occi-wg@ogf.org http://www.ogf.org/mailman/listinfo/occi-wg
participants (4)
-
alexander.papaspyrou@tu-dortmund.de -
Andy Edmonds -
Edmonds, AndrewX -
Gary Mazz