OGSA Security Profile - Secure Channel 1.0
Hi, The first draft of "OGSA Security Profile - Secure Channel 1.0" has been uploaded to the grid forge. Document URL: /projects/ogsa-wg/document/OGSA_Security_Profile_-_Secure_Channel_-_1.0/en/2 I'm sorry for my being late to upload this. (It took even longer than I expected.) ---- Takuya Mori moritaku@bx.jp.nec.com / tk-mori@isd.nec.co.jp System Platform Software Development Division NEC Corporation, Tokyo Japan
Hi Takuya, The following is my comments on your documents. Let's discuss them at tomorrow's call. (1) OGSA trademark (page 1, line 3) Title should read "OGSA(tm) Basic Security Profile - Secure Channel 1.0." Also, add trademark section just after copyright notice. (2) Status of This Memo (page 1, line 5-7) (3) Abstract, first paragraph (page 1, line 12-16) (4) Introduction, first paragraph (page 4, line 70-74) (5) Profile overview, first paragraph (page 4, line 82-90) They are copied from OGSA WSRF basic profile. But I prefer to have more security focused statement here. (6) Introduction, "specification" (page 4, line 77, 78, 80) This Profile refers profiles not specifications. (7) Relationships to other profiles (page 4, line 98-100) Please add the following; - This profile should be combined with OGSA WSRF BP 1.0. - There is one alternate security profile; anonymous channel. (8) Add WS-addressing special term (page 5 line 115) Please add "WS-addressing" to special terms. (9) superfluous conformance targets (page 6) There is nor reference to ENVELOPE, DESCRIPTION, SECURITY_HEADER, ENCRYPTED_KEY, ENCRYPTED_REFERENCE_LIST, ENCRYPTED_KEY_REFERENCE_LIST, ENCRYPTED_DATA. Why don't we delete them? (10) Claiming Conformance (page 7 line 180) We need to add one more conformance claim URI; OGSABasicSecurity-1.0. (11) Split section 3 into two; BSP l.0 and SAML 1.0 (page 7-10) Given we have two security profiles, why we don't have two sections for each. (12) Extensibility points for BSP 1.0 (page 7 line 184-105 and page 14) BSP 1.0 has seven extensibility points but this profile has only five, why? (13) R0301 is too much? (page 7 line 207) Why we mandate both; TSL and MSL, for RECEIVER? (14) Table 5 needs update (page 21) This profile does not depend on WS-RP, WS-RL, WS-BP, WS-N, and SchemaCentiricCanonicalization. Hiro Kishimoto Takuya Mori wrote:
Hi,
The first draft of "OGSA Security Profile - Secure Channel 1.0" has been uploaded to the grid forge.
Document URL: /projects/ogsa-wg/document/OGSA_Security_Profile_-_Secure_Channel_-_1.0/en/2
I'm sorry for my being late to upload this. (It took even longer than I expected.)
---- Takuya Mori moritaku@bx.jp.nec.com / tk-mori@isd.nec.co.jp System Platform Software Development Division NEC Corporation, Tokyo Japan
Hi Folks, I've uploaded the revised version of the secure channel profile. The URL is: https://forge.gridforum.org/projects/ogsa-wg/document/draft-ggf-ogsa-securit... I couldn't have enough time to work on anonymous one. I'm sorry for it. The changes are: - Added Contributors and Acknowledgements. - Added the author info - Added the OGSA trademark (Hiro's Comment No.(1)) - Added "WS-Addressing" into the special term (Hiro's Comment No. (8)) Hiro, thank you for your comments. I'll update the document to address the remaining of your comments based on the discussion later. Thanks, Takuya From: Hiro Kishimoto <hiro.kishimoto@jp.fujitsu.com> Subject: Re: [ogsa-wg] OGSA Security Profile - Secure Channel 1.0 Date: Mon, 12 Sep 2005 22:20:15 +0900
Hi Takuya,
The following is my comments on your documents. Let's discuss them at tomorrow's call.
(1) OGSA trademark (page 1, line 3) Title should read "OGSA(tm) Basic Security Profile - Secure Channel 1.0." Also, add trademark section just after copyright notice.
(2) Status of This Memo (page 1, line 5-7) (3) Abstract, first paragraph (page 1, line 12-16) (4) Introduction, first paragraph (page 4, line 70-74) (5) Profile overview, first paragraph (page 4, line 82-90) They are copied from OGSA WSRF basic profile. But I prefer to have more security focused statement here.
(6) Introduction, "specification" (page 4, line 77, 78, 80) This Profile refers profiles not specifications.
(7) Relationships to other profiles (page 4, line 98-100) Please add the following; - This profile should be combined with OGSA WSRF BP 1.0. - There is one alternate security profile; anonymous channel.
(8) Add WS-addressing special term (page 5 line 115) Please add "WS-addressing" to special terms.
(9) superfluous conformance targets (page 6) There is nor reference to ENVELOPE, DESCRIPTION, SECURITY_HEADER, ENCRYPTED_KEY, ENCRYPTED_REFERENCE_LIST, ENCRYPTED_KEY_REFERENCE_LIST, ENCRYPTED_DATA. Why don't we delete them?
(10) Claiming Conformance (page 7 line 180) We need to add one more conformance claim URI; OGSABasicSecurity-1.0.
(11) Split section 3 into two; BSP l.0 and SAML 1.0 (page 7-10) Given we have two security profiles, why we don't have two sections for each.
(12) Extensibility points for BSP 1.0 (page 7 line 184-105 and page 14) BSP 1.0 has seven extensibility points but this profile has only five, why?
(13) R0301 is too much? (page 7 line 207) Why we mandate both; TSL and MSL, for RECEIVER?
(14) Table 5 needs update (page 21) This profile does not depend on WS-RP, WS-RL, WS-BP, WS-N, and SchemaCentiricCanonicalization.
Hiro Kishimoto
Takuya Mori wrote:
Hi,
The first draft of "OGSA Security Profile - Secure Channel 1.0" has been uploaded to the grid forge.
Document URL: /projects/ogsa-wg/document/OGSA_Security_Profile_-_Secure_Channel_-_1.0/en/2
I'm sorry for my being late to upload this. (It took even longer than I expected.)
---- Takuya Mori moritaku@bx.jp.nec.com / tk-mori@isd.nec.co.jp System Platform Software Development Division NEC Corporation, Tokyo Japan
participants (2)
-
Hiro Kishimoto -
Takuya Mori