This is a static archive of the previous Open Grid Forum GridForge content management system saved from host forge.ogf.org file /sf/go/artf3472?nav=1 at Thu, 03 Nov 2022 22:56:49 GMT SourceForge : artf3472: (788) The GRIPPKI and CA Policy
Home Projects Search
User Password Logins Disabled Help

Project Home
Tracker
Documents
Tasks
Source Code
Discussions
File Releases
Wiki
Project Admin
Search Tracker
Project: Editor     Trackers > Not Published > View Artifact
Artifact artf3472 : (788) The GRIPPKI and CA Policy
Tracker: Not Published
Title: (788) The GRIPPKI and CA Policy
Description: 
The GRIP project merges the worlds of UNICORE and Globus. This document describes the PKI environment during the project
 phase and outlines special problems relevant for GRIP. It is the second document out of a series of three..
Submitted By: Stacey Giannese(disabled)
Submitted On: 04/14/2004 10:51 AM EST
Last Modified: 10/25/2004 11:26 AM EST
Closed: 10/25/2004 11:26 AM EST

Status / Comments Change Log Associations Attachments (1)  
Status  
Group: *
Status:* Closed
Category: *
Customer: *
Priority: * 0
Assigned To: * None
Reported in Release: *
Fixed in Release: *
Estimated Hours: * 0
Actual Hours: * 0
Comments
Stacey Giannese(disabled): 10/25/2004 11:26 AM EST
  Comment: 
Mass Update
  Action: Update
artifact_status changed from Open to Closed
close_date changed from - to 2004-10-25 11:26:59
Priority changed from 4 to -
Stacey Giannese(disabled): 08/02/2004 9:52 AM EST
  Comment: 
Mass Move
  Action: Update
artifact_group changed from Individual Submission to <None>
artifact_status changed from Closed to Open
assigned_to changed from 497 to 100
Category changed from Informational to <None>
group_artifact_id changed from Submit GGF Draft to Not Published
resolution changed from Returned to Authors/Group to <None>
Stacey Giannese(disabled): 08/02/2004 9:52 AM EST
  Comment: 
This draft is returned. Authors intend to redraft and resubmit. 

This tracker will be closed and document will be removed from the pipeline.
  Action: Update
Stacey Giannese(disabled): 08/02/2004 9:52 AM EST
  Action: Update
artifact_status changed from Returned to Author(s) to Closed
close_date changed from - to 2004-08-02 09:52:35
resolution changed from Later to Returned to Authors/Group
Dane Skow: 07/06/2004 1:57 PM EST
  Comment: 
Gentlemen,

I've read your submission of the "GRIP PKI and CA Policy"
and have a few questions and comments. If I understand
the goals of the paper correctly, I believe there is a
publishable Experimental document here after a few
edits. Would you be so kind as to forward these comments
to Reinhard Letz as his email was missing from the draft.

With the exception of the section entitled "Interfacing UNICORE PKI
and Globus PKI", the document has a thorough description of how you
operated your project's PKI. This, particularly if compared with
documents from the CAOps working group (eg. GFD 16 & 17), would be a
welcomed experiences document for the Experimental thread. I believe
this is the intent rather than a general recommendation on how to run
a PKI (for UNICORE).

Since the only PKI changes required for the GRIP interface section was
the introduction of proxy certificates and a couple additional service
certificates, I wonder if this section doesn't belong better in the
"GRIP Interoperability" paper. However, this paper may strive to
record the GRIP PKI as differentiated from the UNICORE PKI and thus
need it. In which case, I'd say these interoperability driven features
are an integral part of the GRIP PKI. Subsection 3 (Comparison of
UNICORE and Globus Security) seems to contain much discussion
appropriate to a "Security Considerations" section. Appendix B belongs
in the paper and I'd recommend moving some text to the Security
Considerations section.

Either way, I'd ask you to review the paper in light of my comments on
the Interoperability document to be careful about distinguishing
between the Globus collaboration, the Globus toolkit, and the GRIP
project participants running services based on the Globus toolkit. As
an example, I refer you to the third paragraph of section 5 (The GRIP
PKI) on page 7: "For use of Globus, the user is also issued a Globus
certificate by the Globus CA." I believe you mean that in order to use
resources running services based on the Globus toolkit, the user is
issued a X.509 certificate from the "Globus CA" you operate as part of
the GRIP project. One could easily get the impression you were
interacting with services offered by the Globus collaboration
(particularly since they offer a "bootstrapping" Globus CA for folks
to get test certificates) when in fact, you are completely independent
as far as I can tell.

I'll return the document to you for your edits
and response.
  Action: Update
Dane Skow: 07/06/2004 1:57 PM EST
  Action: Update
artifact_status changed from AD Review to Returned to Author(s)
resolution changed from <None> to Later
Jennifer Schopf: 06/24/2004 8:47 PM EST
  Action: Update
Priority changed from 5 to 4
Dane Skow: 06/02/2004 6:07 PM EST
  Comment: 
This is in my queue, but I'm behind on my reading. Apologies and I'm working on it.
  Action: Update
Stacey Giannese(disabled): 04/14/2004 10:55 AM EST
  Action: Update
artifact_status changed from Open to AD Review
Stacey Giannese(disabled): 04/14/2004 10:51 AM EST
  Action: Create

Stacey Giannese(disabled): 04/14/2004 10:51 AM EST
  Attachment: TheGRIPPKIandCAPolicy[1].doc (342 KB)
  Action: Update
File added set to 285: TheGRIPPKIandCAPolicy[1].doc

 
Return
 
 
< Previous
 
 
Next >
 

The Open Grid Forum Contact Webmaster | Report a problem | GridForge Help
This is a static archive of the previous Open Grid Forum GridForge content management system saved from host forge.ogf.org file /sf/go/artf3472?nav=1 at Thu, 03 Nov 2022 22:56:54 GMT