For this X.509 proxy delegation profile, is the transport level security (TLS/SSL) assumed ?   <br>  If so, probably the message (SOAP) during the delegation can be looked to be confidential. And then the message level security (such as message signature) could not be necessary in this case.<br>
<br>Weizhong Qiang<br>NorduGrid<br><br><div class="gmail_quote">On Wed, Mar 4, 2009 at 11:08 PM, Moreno Marzolla <span dir="ltr">&lt;<a href="mailto:moreno.marzolla@pd.infn.it">moreno.marzolla@pd.infn.it</a>&gt;</span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Dear all,<br>
<br>
I just uploaded to gridforge:<br>
<br>
<a href="http://forge.gridforum.org/sf/go/doc15549?nav=1" target="_blank">http://forge.gridforum.org/sf/go/doc15549?nav=1</a><br>
<br>
a very early draft for a proposal of a &quot;PGI Transport Level Security<br>
profile&quot;, which uses X509 proxy certificates + a delegation port-type<br>
for authentication and credential delegation.<br>
<br>
At the moment the document just states what has already be said during<br>
the PGI teleconferences. I hope it will be useful for tomorrow<br>
discussion at OGF, and eventually evolve in the near future into a full<br>
specification (which at the moment is definitely not).<br>
<br>
Moreno.<br>
<br>
--<br>
Moreno Marzolla<br>
INFN Sezione di Padova,    via Marzolo 8,   35131 PADOVA,  Italy<br>
EMail: <a href="mailto:moreno.marzolla@pd.infn.it">moreno.marzolla@pd.infn.it</a>         Phone: +39 049 8277047<br>
WWW  : <a href="http://www.dsi.unive.it/%7Emarzolla" target="_blank">http://www.dsi.unive.it/~marzolla</a>  Fax  : +39 049 8756233<br>
<br>
_______________________________________________<br>
Pgi-wg mailing list<br>
<a href="mailto:Pgi-wg@ogf.org">Pgi-wg@ogf.org</a><br>
<a href="http://www.ogf.org/mailman/listinfo/pgi-wg" target="_blank">http://www.ogf.org/mailman/listinfo/pgi-wg</a><br>
</blockquote></div><br>