[OGSA-AUTHZ] [ogsa-wg] [ogsa-authn-bof] Notes from Joint OGSA WG AuthN/AuthZ call

David Chadwick d.w.chadwick at kent.ac.uk
Mon Jun 25 14:30:39 CDT 2007

Hi Blair

Interestingly there is one aspect of authz that has a significant amount 
of user interest and that is merging attributes from Shibboleth and 
Grids to be used together for authz decision making. But this is 
currently not within the scope of the OGF OGSA Authz group's work plan. 
So what does this indicate?



Blair Dillaway wrote:
> I appreciate Donal and David sharing their views on the current AuthZ
> work. Let me just say up front that I believe the approach of
> profiling other standards to address unique grid community needs is
> the right one. One can also identify grid needs that aren't being
> addressed in other standards groups. I would like to believe we're
> struggling with an issue of perceived importance, not approach.
> Questions I've been thinking about, and my take on the situation: -
> Why has participation dropped off despite historic interest? A couple
> of people have indicated their work commitments caused them to pull
> back. It also appears some people are prioritizing other standards
> work ahead of this effort. - Who are the key customers/implementers
> for these standards and why aren't they participating? As Frank noted
> the other day, other Globus security work has been prioritized ahead
> of standards. My own employer doesn't see these profiles as a current
> priority, which impacts my ability to engage in the WG. I suspect
> other potential implementers have similar views. The lack of response
> to David's request for requirements does make one question the demand
> from grid deployers.
> I previously mentioned the 'not a priority' reactions I got from some
> security folks not currently engaged in the OGF.
> So, it certainly seems like an uphill battle in convincing people
> this work is critical to undertake now. Putting together convincing
> arguments on the benefits, and socializing them with the grid
> community, would be a lot of work. I'm not even certain the WG could
> effectively engage on this given the current level of participation.
> Am I off-base on my perception of the situation? Are there other
> actions we should be considering?
> Regards, Blair Dillaway


David W. Chadwick, BSc PhD
Professor of Information Systems Security
The Computing Laboratory, University of Kent, Canterbury, CT2 7NF
Skype Name: davidwchadwick
Tel: +44 1227 82 3221
Fax +44 1227 762 811
Mobile: +44 77 96 44 7184
Email: D.W.Chadwick at kent.ac.uk
Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html
Research Web site: http://www.cs.kent.ac.uk/research/groups/iss/index.html
Entrust key validation string: MLJ9-DU5T-HV8J
PGP Key ID is 0xBC238DE5


More information about the ogsa-authz-wg mailing list