Von one final thing. There is a difference between a valid attribute and an authentic attribute. An authentic attribute means that it was issued by the issuer and hasnt been tampered with (this is an authentication type decision arrived at by a technique such as signature validation). A valid attribute on the other hand is one that can be used and is trusted. So for example, an authentic United Gold card is valid for entry into the Red Carpet Club but not into Admirals club. So the validation service makes the decision whether the attribute is valid or not. regards David Von Welch wrote:
I'm curious about the following item. This would seem to overlap with xkms, or do I misunderstand it.
Von
• A specification of a credential or security token validation protocol between the PEP and a credential/security token validation service (the returned result is a set of validated attributes that can be fed into the PDP using the authorisation protocol).
On Jan 26, 2006, at 7:49 AM, David Chadwick wrote:
Hi Olle
the doc was actually a word doc with track changes switched on so that people could compare the original charter with the proposed revised one. I attach a version with all changes accepted. This should be easier to read.
regards
David
Olle Mulmo wrote:
David, It be that I have a broken RTF reader (Mac), but when I open your document I find a garbled mix (mess?) of old and new text, to the point of it all being unreadable. For starters, it talks about deliverables at GGF 159, GGF 180, and GGF2011... :-) /Olle On Jan 19, 2006, at 23:11, David Chadwick wrote:
Dear All
here is a start to a revised charter for the OGSA AUthz group. Comments and updates welcome.
regards
David
--
***************************************************************** David W. Chadwick, BSc PhD Professor of Information Systems Security The Computing Laboratory, University of Kent, Canterbury, CT2 7NF Tel: +44 1227 82 3221 Fax +44 1227 762 811 Mobile: +44 77 96 44 7184 Email: D.W.Chadwick@kent.ac.uk Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html Research Web site: http://sec.cs.kent.ac.uk Entrust key validation string: MLJ9-DU5T-HV8J PGP Key ID is 0xBC238DE5
***************************************************************** <OGSA_AuthZ-2_Charter.rtf>
--
***************************************************************** David W. Chadwick, BSc PhD Professor of Information Systems Security The Computing Laboratory, University of Kent, Canterbury, CT2 7NF Tel: +44 1227 82 3221 Fax +44 1227 762 811 Mobile: +44 77 96 44 7184 Email: D.W.Chadwick@kent.ac.uk Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html Research Web site: http://sec.cs.kent.ac.uk Entrust key validation string: MLJ9-DU5T-HV8J PGP Key ID is 0xBC238DE5
***************************************************************** <OGSA_AuthZ-2-1_Charter(noTrack).rtf>
-- ***************************************************************** David W. Chadwick, BSc PhD Professor of Information Systems Security The Computing Laboratory, University of Kent, Canterbury, CT2 7NF Tel: +44 1227 82 3221 Fax +44 1227 762 811 Mobile: +44 77 96 44 7184 Email: D.W.Chadwick@kent.ac.uk Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html Research Web site: http://sec.cs.kent.ac.uk Entrust key validation string: MLJ9-DU5T-HV8J PGP Key ID is 0xBC238DE5 *****************************************************************