All, I'm curious as to Vincenzo's informational write-up on VOMS, submitted to the group on February 13. VOMS is used in a number of production grids today. It is the basis for interoperating authorization in the GIN effort. Having a solid write-up on its internals and semantics would most certainly be welcome. Question: how should this be handled? I can see it go multiple ways: 1. The document goes into public comment as an individual submission more or less as is 2. This group makes a round of editing on it first and then do a 2- week last call on the list before the public comment 3. This group includes the document it in the revised charter as another deliverable While the current document seems rather complete, I include 3. as an option anyhow as there are additional things to think of: for instance, a SAML wrapping of the attributes instead of/in addition to the current X.509 attribute certificate format. If we want such a thing (and I think we do), this would in turn advocate for a separation between the definition and the semantics of the attributes, and the packaging/delivery mechanisms of those attributes. Regards, /Olle
Olle, I would suggest option (1), get it out there. I thought it stood well enough as is. If we want to do (3), I suggest making that a separate document and don't hold up the current document which is useful in itself. Von On Apr 24, 2006, at 4:36 AM, Olle Mulmo wrote:
All,
I'm curious as to Vincenzo's informational write-up on VOMS, submitted to the group on February 13.
VOMS is used in a number of production grids today. It is the basis for interoperating authorization in the GIN effort. Having a solid write-up on its internals and semantics would most certainly be welcome.
Question: how should this be handled? I can see it go multiple ways:
1. The document goes into public comment as an individual submission more or less as is 2. This group makes a round of editing on it first and then do a 2- week last call on the list before the public comment 3. This group includes the document it in the revised charter as another deliverable
While the current document seems rather complete, I include 3. as an option anyhow as there are additional things to think of: for instance, a SAML wrapping of the attributes instead of/in addition to the current X.509 attribute certificate format. If we want such a thing (and I think we do), this would in turn advocate for a separation between the definition and the semantics of the attributes, and the packaging/delivery mechanisms of those attributes.
Regards,
/Olle
Olle Mulmo wrote:
All,
I'm curious as to Vincenzo's informational write-up on VOMS, submitted to the group on February 13.
VOMS is used in a number of production grids today. It is the basis for interoperating authorization in the GIN effort. Having a solid write-up on its internals and semantics would most certainly be welcome.
Question: how should this be handled? I can see it go multiple ways:
1. The document goes into public comment as an individual submission more or less as is 2. This group makes a round of editing on it first and then do a 2- week last call on the list before the public comment 3. This group includes the document it in the revised charter as another deliverable
While the current document seems rather complete, I include 3. as an option anyhow as there are additional things to think of: for instance, a SAML wrapping of the attributes instead of/in addition to the current X.509 attribute certificate format. If we want such a thing (and I think we do), this would in turn advocate for a separation between the definition and the semantics of the attributes, and the packaging/delivery mechanisms of those attributes.
this is clearly a good thing to do, since Shibboleth for example can then be used to carry the same attributes. I am happy to add the doc to the charter if that is what the group want David
Regards,
/Olle
-- ***************************************************************** David W. Chadwick, BSc PhD Professor of Information Systems Security The Computing Laboratory, University of Kent, Canterbury, CT2 7NF Tel: +44 1227 82 3221 Fax +44 1227 762 811 Mobile: +44 77 96 44 7184 Email: D.W.Chadwick@kent.ac.uk Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html Research Web site: http://sec.cs.kent.ac.uk Entrust key validation string: MLJ9-DU5T-HV8J PGP Key ID is 0xBC238DE5 *****************************************************************
The document is great as is and seems to require few changes before acceptance. If we can easily add it to the charter as a deliverable that would have my vote. -Frank. David Chadwick wrote:
Olle Mulmo wrote:
All,
I'm curious as to Vincenzo's informational write-up on VOMS, submitted to the group on February 13.
VOMS is used in a number of production grids today. It is the basis for interoperating authorization in the GIN effort. Having a solid write-up on its internals and semantics would most certainly be welcome.
Question: how should this be handled? I can see it go multiple ways:
1. The document goes into public comment as an individual submission more or less as is 2. This group makes a round of editing on it first and then do a 2- week last call on the list before the public comment 3. This group includes the document it in the revised charter as another deliverable
While the current document seems rather complete, I include 3. as an option anyhow as there are additional things to think of: for instance, a SAML wrapping of the attributes instead of/in addition to the current X.509 attribute certificate format. If we want such a thing (and I think we do), this would in turn advocate for a separation between the definition and the semantics of the attributes, and the packaging/delivery mechanisms of those attributes.
this is clearly a good thing to do, since Shibboleth for example can then be used to carry the same attributes.
I am happy to add the doc to the charter if that is what the group want
David
Regards,
/Olle
-- Frank Siebenlist franks@mcs.anl.gov The Globus Alliance - Argonne National Laboratory
participants (4)
-
David Chadwick -
Frank Siebenlist -
Olle Mulmo -
Von Welch