The three "Express Authentication Profile" documents have undergone a further revision and have been posted to the OGSA Gridforge document repository. If you are (or are about to) socialize these documents amongst colleagues, please refer them to the latest versions. Changes of note: * Updates from Hiro's round of comments. * Fixed problem of identifying WSA headers for signing: added XPath expression to indicate all headers containing "IsReferenceParameter=true" attribute. * Fixed duplicate policy id issue with respect to supplemental input/output message protection policies. * Wordsmithing on introduction to "get to the point" quicker. * Other minor edits for clarity. Cheers, Duane Duane Merrill wrote:
All, I've updated the three EAP security profile documents on Gridforge with some minor revisions, including clarifications, fixes to requirement-numbering inconsistencies, and added an example SOAP message meeting the requirements of the X.509 message-level binding assertion policy.
A question for the group: Would it be a good idea to also profile a Kerberos message-level binding assertion policy within the OGSA-SP-SecureSoapMessaging profile? The document currently profiles X.509 and UsernameToken binding policies, primarily because of their widespread use / ease-of-adoption. Thoughts?
Duane
-- ogsa-wg mailing list ogsa-wg@ogf.org http://www.ogf.org/mailman/listinfo/ogsa-wg