31 Oct
2006
31 Oct
'06
1:23 p.m.
Hi Joni, On 10/31/06, Joni Hahkala <joni.hahkala@cern.ch> wrote:
But if you mean bringing this to the current VOMS system, that might be a harder sell, as the explicit primary would probably mean a change in the VOMS AC extension format, VOMS parsers and maybe in VOMS api and in the software that uses VOMS.
No, I wasn't suggesting that VOMS be modified, but I would recommend that any mapping of VOMS ACs to SAML attribute assertions incorporate the notion of "primary" VO membership attribute. There is precedence for this in the SAML world, which is all I was trying to communicate previously. Cheers, Tom