Hi,
- Currently all sentence are read on this mailing lists looked like requiring only listed options to be used for authorization. And this is wrong from my point of view.
------Original Message----- -From: Aleksandr Konstantinov [mailto:aleksandr.konstantinov@fys.uio.no] -Sent: Friday, March 27, 2009 2:40 PM -To: Morris Riedel -Cc: pgi-wg@ogf.org -Subject: Re: [Pgi-wg] OGF PGI - Security Strawman - -On Friday 27 March 2009 14:39, Morris Riedel wrote: -> But Aleksandr - I think we all agree to the VOMS scenario - come on
-> something where we can't go currently... :-) - -As I already said I'm not suggesting to profile other information whihc can be used -for authorization. -I said that such information should not be disallowed. Just write profile in such way -that other options -are up to deployment. Currently all sentence are read on this mailing
-requiring only -listed options to be used for authorization. And this is wrong from my
I refer to two different plumbings nothing more. This already narrows down the thousand other possibilities... Take care, Morris ------------------------------------------------------------ Morris Riedel SW - Engineer Distributed Systems and Grid Computing Division Jülich Supercomputing Centre (JSC) Forschungszentrum Juelich Wilhelm-Johnen-Str. 1 D - 52425 Juelich Germany Email: m.riedel@fz-juelich.de Info: http://www.fz-juelich.de/jsc/JSCPeople/riedel Phone: +49 2461 61 - 3651 Fax: +49 2461 61 - 6656 Skype: MorrisRiedel "We work to better ourselves, and the rest of humanity" Sitz der Gesellschaft: Jülich Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498 Vorsitzende des Aufsichtsrats: MinDirig'in Bärbel Brumme-Bothe Vorstand: Prof. Dr. Achim Bachem (Vorsitzender), Dr. Ulrich Krafft (stellv. Vorsitzender) thats lists looked like point of view.
- - -A.K. - - - -> -> ------------------------------------------------------------ -> Morris Riedel -> SW - Engineer -> Distributed Systems and Grid Computing Division -> Jülich Supercomputing Centre (JSC) -> Forschungszentrum Juelich -> Wilhelm-Johnen-Str. 1 -> D - 52425 Juelich -> Germany -> -> Email: m.riedel@fz-juelich.de -> Info: http://www.fz-juelich.de/jsc/JSCPeople/riedel -> Phone: +49 2461 61 - 3651 -> Fax: +49 2461 61 - 6656 -> -> Skype: MorrisRiedel -> -> "We work to better ourselves, and the rest of humanity" -> -> Sitz der Gesellschaft: Jülich -> Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498 -> Vorsitzende des Aufsichtsrats: MinDirig'in Bärbel Brumme-Bothe -> Vorstand: Prof. Dr. Achim Bachem (Vorsitzender), -> Dr. Ulrich Krafft (stellv. Vorsitzender) -> -> -> >------Original Message----- -> >-From: Aleksandr Konstantinov [mailto:aleksandr.konstantinov@fys.uio.no] -> >-Sent: Friday, March 27, 2009 1:29 PM -> >-To: Morris Riedel -> >-Subject: Re: [Pgi-wg] OGF PGI - Security Strawman -> >- -> >-On Friday 27 March 2009 12:24, you wrote: -> >-> Aleksandr, -> >-> -> >-> could you give me one example for this: -> >-> -> >-> >- I do support idea of attribute based authorization. But can't -> understand -> >-> why other information authenticating the client should be disallowed -> from -> >-> making authorization decision. -> >-> -> >-> -> >-> I seek to understand what you mean. -> >- -> >- -> >-Most brutal example would be DN of X.509 certificate. -> >-More sophisticated could be distrust of specific computing resource for -> specific -> >-VOMS service. -> >- -> >-A.K. ->