This is a static archive of the previous Open Grid Forum GridForge content management system saved from host forge.ogf.org file /sf/go/artf3442?nav=1 at Thu, 03 Nov 2022 16:11:05 GMT SourceForge : artf3442: (752) Conceptual Grid Authorization Framework and Classification

Project Home

Tracker

Documents

Tasks

Source Code

Discussions

File Releases

Wiki

Project Admin
Search Tracker
Project: Editor     Trackers > Published > View Artifact
Artifact artf3442 : (752) Conceptual Grid Authorization Framework and Classification
Tracker: Published
Title: (752) Conceptual Grid Authorization Framework and Classification
Description:
Authorization Frameworks and Mechanisms WG.
Submitted By: Markus Lorch
Submitted On: 03/06/2004 12:27 AM EST
Last Modified: 05/06/2007 4:46 AM EDT
Closed: 07/13/2005 1:14 AM EST

Status / Comments Change Log Associations Attachments (7)  
Status  
Group: *
Status:* Closed
Category: *
Customer: *
Priority: * 0
Assigned To: * None
Reported in Release: *
Fixed in Release: *
Estimated Hours: * 0
Actual Hours: * 0
resolution: *
Comments
Greg Newby: 05/06/2007 4:46 AM EDT
  Action: Update
resolution changed from PUBLISHED to none (no value)
Greg Newby: 07/13/2005 1:14 AM EST
  Comment:
Mass Update
  Action: Update
artifact_status changed from Open to Closed
close_date changed from - to 2005-07-12 22:14:48
resolution changed from <None> to PUBLISHED
Stacey Giannese(disabled): 11/23/2004 12:48 PM EST
  Comment:
Mass Move
  Action: Update
artifact_group changed from SEC to <None>
artifact_status changed from Closed to Open
assigned_to changed from 111 to 100
Category changed from Informational to <None>
group_artifact_id changed from Submit GGF Draft to Published
resolution changed from Published to <None>
Stacey Giannese(disabled): 11/23/2004 12:41 PM EST
  Attachment: GFD.038.pdf (296.84 KB)
  Action: Update
File added set to 491: GFD.038.pdf
Stacey Giannese(disabled): 11/23/2004 12:29 PM EST
  Attachment: GFD.038.doc (431.5 KB)
  Action: Update
File added set to 490: GFD.038.doc
Greg Newby: 11/22/2004 7:42 PM EST
  Comment:
Some final edits that Stacey can apply, or I will.  Stacey, I had grabbed #37 earlier today, so this can be #38, or we can change the other.

Yes, the first page can be entirely removed, and the date should be November 23 2004 on all pages (or a similar date).

I think the copyright notice is right, but should be 2004, not 2003.

Otherwise, I agree this is looking good, and pending these few changes is approved for publication.  Thanks very much for your efforts!
  Action: Update
Greg Newby: 11/22/2004 7:42 PM EST
  Action: Update
artifact_status changed from Final Editor Review to Closed
assigned_to changed from 302 to 111
close_date changed from - to 2004-11-22 15:42:38
Priority changed from 1 to -
resolution changed from <None> to Published
Markus Lorch: 11/12/2004 7:56 AM EST
  Comment:
Greg,

I looked at the edits made and noted the following:
 - shouldn't the first page be removed for the final version
 - the date on all but the first document page was changed 
   to "November 2004" the revised date on the first page
   reads 2004-10-15
- I am not sure if the copyright notice is the latest version,
   it lists 2003 as the year.
  Action: Update
Stacey Giannese(disabled): 11/08/2004 12:51 PM EST
  Comment:
Greg-

I've made modifications and uploaded a new version for your review before pubications and to make into a pdf.
  Action: Update
Stacey Giannese(disabled): 11/08/2004 12:51 PM EST
  Attachment: GFD.037.doc (443.5 KB)
  Action: Update
File added set to 480: GFD.037.doc
Greg Newby: 10/28/2004 10:31 AM EST
  Action: Update
Priority changed from 2 to 1
Stacey Giannese(disabled): 10/25/2004 11:40 AM EST
  Action: Update
assigned_to changed from 477 to 302
Stacey Giannese(disabled): 10/25/2004 11:40 AM EST
  Action: Update
artifact_status changed from Author Reviewing Edits to Final Editor Review
resolution changed from Returned to Authors/Group to <None>
Markus Lorch: 10/15/2004 11:39 AM EST
  Action: Update
artifact_status changed from Pending Info from Authors to Author Reviewing Edits
Markus Lorch: 10/15/2004 11:38 AM EST
  Action: Update
File Deleted changed from 455: draft-ggf-authz-framework-20041015.doc to none (no value)
Markus Lorch: 10/15/2004 11:38 AM EST
  Attachment: draft-ggf-authz-framework-20041015-changes-accepted.doc (441.5 KB)
  Action: Update
File added set to 456: draft-ggf-authz-framework-20041015-changes-accepted.doc
Markus Lorch: 10/15/2004 11:37 AM EST
  Comment:
Comments have been addressed by me as the document editor. I am asking for a final review and endorsement by co-authors by Friday Oct. 22,2004 (see 
mail to the authz-wg list). If no problems are found I would release the document for final GFSG review after this date.  

The attached document has change-tracking enabled so my modifications are easily visible. Detailed discussion of changes will take place on the 
mailing list.

Markus
  Action: Update
Markus Lorch: 10/15/2004 11:37 AM EST
  Action: Update
File added set to 455: draft-ggf-authz-framework-20041015.doc
Markus Lorch: 10/15/2004 11:37 AM EST
  Attachment: draft-ggf-authz-framework-20041015.doc (480.5 KB)
  Action: Update
File added set to 454: draft-ggf-authz-framework-20041015.doc
Markus Lorch: 10/15/2004 11:37 AM EST
  Comment:
Comments have been addressed by me as the document editor. I am asking for a final review and endorsement by co-authors by Friday Oct. 22,2004 (see 
mail to the authz-wg list). If no problems are found I would release the document for final GFSG review after this date.  

The attached document has change-tracking enabled so my modifications are easily visible. Detailed discussion of changes will take place on the 
mailing list.

Markus
  Action: Update
Greg Newby: 10/05/2004 5:12 PM EST
  Comment:
(Updating status to indicate we are awaiting author action.  gbn)
  Action: Update
Greg Newby: 10/05/2004 5:12 PM EST
  Action: Update
artifact_status changed from Final 15day GFSG Review to Pending Info from Authors
resolution changed from <None> to Returned to Authors/Group
Stacey Giannese(disabled): 09/28/2004 1:17 PM EST
  Comment:
Author needs to apply some edits to this document before it can go into final GFSG review. New version of the document will be uploaded shortly.
  Action: Update
Stacey Giannese(disabled): 09/28/2004 1:09 PM EST
  Action: Update
artifact_status changed from Public Comment Period to Final 15day GFSG Review
Dane Skow: 09/23/2004 8:38 AM EST
  Comment:
Olle,
You'll have to shepherd this since I'm an author.
AD's comment is expected to document concurrance publicly.
Dane
  Action: Update
Dane Skow: 09/23/2004 8:38 AM EST
  Action: Update
assigned_to changed from 100 to 477
Steve Crumb: 09/23/2004 5:46 AM EST
  Comment:
User removed
  Action: Update
assigned_to changed from 114 to 100
Stacey Giannese(disabled): 08/30/2004 11:22 AM EST
  Comment:
Document has ended public comment period. View comments at https://forge.gridforum.org/forum/forum.php?forum_id=416.
  Action: Update
Stacey Giannese(disabled): 08/30/2004 11:19 AM EST
  Action: Update
Priority changed from 3 to 2
Stacey Giannese(disabled): 07/29/2004 11:39 AM EST
  Comment:
Document has now finished public comment period but no comments were made so document will re-enter another 30 day public comment period.

Due date: 8-29-04
  Action: Update
Stacey Giannese(disabled): 06/29/2004 10:01 AM EST
  Action: Update
assigned_to changed from 111 to 114
Stacey Giannese(disabled): 06/29/2004 9:45 AM EST
  Comment:
Document will now enter a 30 day public comment period. Due date: 7-29-04
  Action: Update
Jennifer Schopf: 06/24/2004 8:46 PM EST
  Action: Update
Priority changed from 5 to 3
Steve Crumb: 06/24/2004 4:00 PM EST
  Action: Update
artifact_status changed from AD Review to Public Comment Period
assigned_to changed from 114 to 111
resolution changed from Returned to Authors/Group to <None>
Marty Humphrey: 06/24/2004 8:31 AM EST
  Comment:
Comments on AuthZ Framework

Page 5: 2nd paragraph: "bases" should be "basis"

In the first paragraph of section 2, can the authors better differentiate this document from the other work? Why don't these other documents suffice 
in place of the GGF document? I'd like to see a stronger statement than "[these works] have influenced our framework."

Re: the definitions on p.6: The document defines "subject", "resource", and "authority", but these definitions are disclaimed with " This terminology 
will be more refined during the course of the document." Can't these terms be defined just once, completely?

The document consistently misuses "i.e.," as "i.e." and "e.g., " as "e.g."

The document defines an Authority as "An administrative entity that is capable of and authoritative for issuing, validating and revoking an electronic
 means of proof such that the named subject (a.k.a. holder) of the issued electronic means is authorized to exercise a certain right or assert a 
certain attribute." I am particularly uncomfortable with the phrase "electronic means of proof", which is awkward at the least. Can "means of proof" 
be replaced with "assertion" (which the document freely uses in the next paragraph)?

The document never actually states that the general procedure re: authorization (e.g.,is first to authenticate and then to authorize. That is, 
authentication is a NECESSARY first step. Why does the document not mention this? The authors imply (e.g., in the "three distinct processes" 
enumeration at the bottom of p. 6) that this is authenticate-then-authorize is not true. Can't this be simply stated in the document?

In this "three-distinct processes", can "executable policy" be replaced by the phrase "digital representation of the policy"? The policy itself is not
 "executable". Policy engines may interpret it,  but it is not "executable". 

Middle page 7, part c is currently "The signing of a record of an Authorization as to assert its authority." I don't know what this means. 

I don't know if I agree with the document's mapping of RFC2904 to the document's terminology. Specifically, the document states that the RFC2904 "AAA 
Server" is "a server acting on behalf of the Authorization Authority". For one thing, the AAA Server could be precisely the Authorization Authority, 
not acting on behalf of it. For another, the AAA server could be focused on Accounting, which has nothing to do with Authorization.

Top of page 9, in the description of the authorization push sequence, the document contains " This assertion should have a validity time window 
associated with it." Isn't this being prescriptive, and as such is out of the scope of the document? That is, what is the implied meaning of "should"?
 

p.17: " Some of the issues that are addressed by policy management is who can create�" should be " Some of the issues that are addressed by policy 
management are who"

Overall, it's a nice document, although it's redundant at times. I suspect that this is because separate individuals were assigned separate sections. 
Perhaps the editor of this document (Lorch) can go through and compress the redundant parts? Perhaps he believes he has already done this?

Finally, Section 6 ("related standards") could be improved by, instead of simply enumerating the related work such as SAML and XACML, the related work
 should be described as fitting into a particular place in Figure 3.1, which is the "generic" AuthZ architecture in this GGF document.
  Action: Update
Marty Humphrey: 06/24/2004 8:31 AM EST
  Action: Update
resolution changed from <None> to Returned to Authors/Group
Dane Skow: 06/01/2004 6:27 PM EST
  Comment:
I am an author for this document and will have to recuse myself from GFSG review.
  Action: Update
Dane Skow: 06/01/2004 6:27 PM EST
  Action: Update
assigned_to changed from 497 to 114
Markus Lorch: 04/08/2004 5:25 PM EST
  Comment:
Added references based on Mary Thompson's comments
  Action: Update
Markus Lorch: 04/08/2004 5:25 PM EST
  Attachment: draft-ggf-authz-framework-20040408.doc (436.5 KB)
  Action: Update
File added set to 283: draft-ggf-authz-framework-20040408.doc
Stacey Giannese(disabled): 03/24/2004 3:36 PM EST
  Action: Update
artifact_status changed from Open to AD Review
Lavanya Ramakrishnan: 03/23/2004 9:18 AM EST
  Comment:
I have contributed to this document and agree with the contents of the document
  Action: Update
None: 03/22/2004 9:14 AM EST
  Comment:
I have contributed to this document and I have participated in the editing and review.  I agree with the contents of this document and I endorse it.

Rich Baker
  Action: Update
Stacey Giannese(disabled): 03/19/2004 3:56 PM EST
  Action: Update
assigned_to changed from 108 to 497
Priority changed from - to 5
Markus Lorch: 03/06/2004 12:27 AM EST
  Action: Create

Markus Lorch: 03/06/2004 12:27 AM EST
  Attachment: draft-ggf-authz-framework-20040305.doc (432.5 KB)
  Action: Update
File added set to 262: draft-ggf-authz-framework-20040305.doc

 
 
 
< Previous
 
 
Next >
 


The Open Grid Forum Contact Webmaster | Report a problem | GridForge Help
This is a static archive of the previous Open Grid Forum GridForge content management system saved from host forge.ogf.org file /sf/go/artf3442?nav=1 at Thu, 03 Nov 2022 16:11:17 GMT