Morris, Concerning PGI, I completely agree with you : Even if the original use case was focused on data staging, SECURITY is the basis for everything. Taking as input following presentations : - 'PGI Reference Model' by yourself, in particular slides : - 18 'Security is orthogonal to layers, - 19 'Orthogonal Security: Plumbings', - 22 'Still work to do…'. - 'Unicore : A European Grid Technology' by Shiraz MEMON, in particular slide 7 'Standards in Unicore 6' - 'The NorduGrid/ARC perspective', in particular slides 21 and 22 'Security capability: Wishlist' - 'Conformance Targets for Simple PGI Communication' of GENESIS Interoperability absolutely requires that : 1) Trust stores (for roots of trust) and Authz Repositories (like 'gridmap' files) have exactly the same semantic content (even if syntax can differ), and are carefully distributed to all sites. 2) VOMS attributes specified inside X509 proxies and inside SAML assertions have the same semantics, in order to permit translation in both directions. 3) Restrictions/Constraints specified inside X509 proxies and inside SAML assertions have the same semantics, in order to permit translation in both directions. 4) Endpoints are specified in compliance with GLUE 2. So, I suggest to use the presentation 'Conformance Targets for Simple PGI Communication' of GENESIS as the basis document for our work. We have first to agree on at least the above points inside 1 or more Security Profiles (Semantic, Repositories, X509 syntax, SAML syntax). Then we can successfully apply SECURITY and GLUE to improve JSDL, BES and Data transfer & management. Meanwhile, I thank Johannes WATZL in advance for uploading the minutes of the PGI sessions (in particular the remote speech by Duane MERRIL). Besides, at OGF25, Joni HAHKALA of CERN (tel +41 22 76 76179) Joni.Hahkala@cern.ch explained to me that gLite proxy restriction attributes are developed by himself. Best regards. ---------------------------------- Etienne URBAH IN2P3 - LAL Bat 200 91898 ORSAY France Tel: +33 1 64 46 84 87 Mob: +33 6 22 30 53 27 Skype: etienne.urbah mailto:urbah@lal.in2p3.fr ---------------------------------- On Thu, 12 Mar 2009, m.riedel@fz-juelich.de wrote:
Hi PGI team,
I think it would be quite valuable to have a short telcon tomorrow debriefing OGF25 - I'm happy to chair this telcon if the community is interested.
I think we clearly have to review our strategy and thus numerous comments might be beneficial?
Possible agenda might be:
(1) OGF25 Summarizing shortly our sessions
(2) Addressing Comments: Liasons with other working groups: SRM, JSDL, BES, etc.
(3) Addressing Comments: (possible) Prioritization to focus efforts: (i) Clearly security breaks everything - so lets foster security (ii) bes/glue then (iii) data issues
(4) Addressing Comments: production Grids and driving forces of PGI (small fish vs. big fish)
(5) Other comments by participants of the TelCon
(6) AOB
Honestly, I don't feel comfortable without having talked about this this week - and I would be happy if we can directly dive into our problems instead of shifting it... ;-)
I suggest the usual timeslot w/o talking about technical issues but rather about our roadmap and steps forward - let's not loose time...
How does this sound?
Take care, Morris
-------------------------------------------------------------------------------- Morris Riedel SW - Engineer Distributed Systems and Grid Computing Division Central Institute of Applied Mathematics Research Centre Juelich Wilhelm-Johnen-Str. 1 D - 52425 Juelich Germany
Email: m.riedel@fz-juelich.de Info: http://www.fz-juelich.de/zam/ZAMPeople/riedel
Phone: +49 2461 61 - 3651 Fax: +49 2461 61 - 6656
Skype: MorrisRiedel