[ogsa-wg] [ogsa-authn-bof] Notes from Joint OGSA WG AuthN/AuthZ call

Donal K. Fellows donal.k.fellows at manchester.ac.uk
Fri Jun 22 03:36:50 CDT 2007

Blair Dillaway wrote:
> I think we've all been disappointed by the level of
> participation in the AuthZ area. We really should consider
> whether continued work on the currently chartered documents is
> justified and what actions might lead to renewed interest.
> I've been concerned about this for a while now and have spoken with
> some with other security professionals about this work. The general
> response was apathetic.

That's worrying, but not surprising. While I'm in a project with some
very good security people, they're not interested in doing standards
work *at all* at the moment. :-\

> - Isn't the work already being done in OASIS on WS-Trust, XACML,
> etc. adequate

It would be nice if we could operate as profiles on those other specs.
If we can't (and the only way we can tell is by thorough analysis of our
use-cases, which are certainly fairly sophisticated when we start to
think about multi-partner collaborations) then it is incumbent upon us
to feed back this information to the OASIS guys.

> - Standards in this area aren't a priority since most
> customers don't care about pluggability for these types of
> components.

My impression (as someone only intermittently involved) has been that it
is horrendously difficult even to do the basic stages of interoperable
AuthN, so the higher-level aspects (such as *all* of AuthZ!) have been
largely ignored. This suggests to me that a valuable way forward would
be to put effort into trying to make these basic things work, which is
very much the focus of the OGSA Express work. Maybe the advanced things
are more academically interesting, but without the interoperable basic
parts, it's suspiciously like a castle in the air. (There are many
parallels with other parts of OGSA, such as in execution management
where the really interesting things are in areas like reservations, but
much needed to be worked on first so that the foundations could be built
on which the fun stuff rests.)


More information about the ogsa-wg mailing list