This is a static archive of the previous Open Grid Forum GridForge content management system saved from host forge.ogf.org file /sf/go/artf5321?nav=1 at Thu, 03 Nov 2022 23:31:50 GMT SourceForge : artf5321: (1322) Use of Proxy Certificates
Home Projects Search
User Password Logins Disabled Help

Project Home
Tracker
Documents
Tasks
Source Code
Discussions
File Releases
Wiki
Project Admin
Glance
Calendar
Search Tracker
Project: OGSA-WG     Trackers > WSRF Basic Profile > View Artifact
Artifact artf5321 : (1322) Use of Proxy Certificates
Tracker: WSRF Basic Profile
Title: (1322) Use of Proxy Certificates
Description: 
Standard but not widely adopted outside of grid community.
Submitted By: Tom Maguire
Submitted On: 03/14/2005 3:24 AM EST
Last Modified: 06/30/2008 10:48 PM EDT
Closed: 05/23/2005 9:30 AM EST

Status / Comments Change Log Associations Attachments  
Status  
Group: *
Status:* Closed
Category: * Version 1.0
Customer: *
Priority: * 0
Assigned To: * None
Reported in Release: *
Fixed in Release: *
Estimated Hours: * 0
Actual Hours: * 0
Comments
Andreas Savva: 06/30/2008 10:48 PM EDT
  Comment: 
Assigned category due to minor expected tweaks as a result of the experience document
  Action: Update
Category set to Version 1.0
Tom Maguire: 05/23/2005 9:30 AM EST
  Action: Update
artifact_status changed from Fixed to Closed
close_date changed from - to 2005-05-23 10:30:29
David Snelling: 05/23/2005 9:30 AM EST
  Comment: 
It seems that development of standards in this area are too premature for profiling. We will omit them from the basic profile 1.0.
  Action: Update
David Snelling: 05/23/2005 9:30 AM EST
  Action: Update
artifact_status changed from Pending to Fixed
David Snelling: 05/23/2005 5:19 AM EST
  Comment: 
From:     Takuya Mori

This was posted wrt 1323, but has relvance here too.

Hi All,

This message is intended to start the discussion on the WSRF-BP 
Tracker Item #1323 (and hopefully to close it).

TI#1323
Summary:     Communication of assertions
Description: Profiles for common assertions in headers or Proxy Certificate

I'd like to propose to add the following to the WSRF Basic Profile 1.0

----
8.1.x or 8.x Communications of assertions

  Senders MAY send assertions that can be used for policy decisions 
including access control decision by receivers with SOAP messages.

  The assertions MUST be SAML assertions or X509 attribute
certificates and senders and receivers MUST adhere to the Basic
SEcurity Profile or SAML Token Profile Version 1.0 when sending
assertions.

R08xx When communicating SAML assertions, a SENDER and a RECEIVER
      MUST comply with SAML Token Profile Version 1.0

R08xx When communicating X509 attribute certificates, a SENDER and 
      a RECEIVERMUST comply with the Basec Security Profile 
      Version 1.0 Section 5.
----

Here is some background on my proposal.
I think's it is better not to use proxy certificate as a mean for
communication of assertions, because there is no standardized way of 
embedding assertions in X509 certificates as certificate extentions,
thus, developing such a standard would be too costly.

----
    Takuya Mori
  Action: Update
Tom Maguire: 04/20/2005 2:53 PM EST
  Comment: 
sense of group BP needs to be free of details wrt to particular security mechanism .  But need more security presence on the call.
  Action: Update
Tom Maguire: 03/14/2005 3:26 AM EST
  Comment: 
Time boxed certificates (short lived certs)
  Action: Update
Tom Maguire: 03/14/2005 3:26 AM EST
  Action: Update
artifact_status changed from Open to Pending
Tom Maguire: 03/14/2005 3:24 AM EST
  Action: Create


 
Return
 
 
< Previous
 
 
Next >
 

The Open Grid Forum Contact Webmaster | Report a problem | GridForge Help
This is a static archive of the previous Open Grid Forum GridForge content management system saved from host forge.ogf.org file /sf/go/artf5321?nav=1 at Thu, 03 Nov 2022 23:31:56 GMT