[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [ggf-ogsa-sec-wg] Plans for OGSA-SEC WG at GGF6
Point well taken. Being a co-author of the IBM/MS work, I understand your
point very well.
Strictly speaking in the context of this WG, I would like to point out that
this workgroup is formed to capture the requirements as applicable to OGSA
environment, lay out an architecture, and identify components be worked on.
This WG will not be getting into solving those requirements nor working on
specifications for those components that need to be worked on. If some of
those components are already worked on elsewhere, then those can be
factored in - and embraced as appropriate. For those that are not addressed
elsewhere or where it doesn't address the requirement completely, then WGs
would need to be formed and worked on - to write new specs or some form of
profiles to those frameworks.
Thanks,
Raj
|---------+---------------------------->
| | "Olle Mulmo" |
| | <mulmo@pdc.kth.se|
| | > |
| | |
| | 10/03/2002 12:03 |
| | PM |
| | |
|---------+---------------------------->
>-----------------------------------------------------------------------------------------------------------------------|
| |
| To: Nataraj Nagaratnam/Raleigh/IBM@IBMUS, <ogsa-sec-wg@gridforum.org> |
| cc: "Marty Humphrey" <humphrey@cs.virginia.edu> |
| Subject: RE: [ggf-ogsa-sec-wg] Plans for OGSA-SEC WG at GGF6 |
| |
| |
>-----------------------------------------------------------------------------------------------------------------------|
My two pessimistic cents:
I have a general feeling that people don't put much effort into
this area (except for PhD students who need to finish their
dissertations...) before more has come out of the WS-Security
world.
It's the ketchup bottle effect, I suppose: no point in doing
something if the giants are about publish something a couple of
months from now that will change the playing field. I constantly
hear the argument "Well, let's see what the MS/IBM guys cook up
first, and we'll revisit this later".
<disclaimer>
This is merely a reflection on my observations and conclustions. It
has nothing to do with my beliefs: I believe we should have the
discussion flowing right now -- and it is, but in a more general
context and on the security-wg list. Question is to what extent we
are ready/able to speak about OGSA details.
</disclaimer>
---
Example of what I mean:
I have investigated session key agreements within the WS framework
and derivation of such keys, in much reflecting on work that is
ongoing in the IPSEC world. The idea is that a WS "discussion" will
typically last for a time period that is different than any underlying
transport protocol session: also, other things such as not having to
rely on the underlying protocol providing security and end-to-end
confidentiality in case of relays are good things to have.
I have done some preliminary tests just to prove that my approach
would work, but I haven't bothered putting too much effort into
that last step, cleaning up the WSDL, documenting it, packaging it all
up and making it available to the community: in part because I'm not
sure it's worth it, as I expect the big MS/IBM steam roller to soon
come around the corner and declare how things should have been done
instead, "the WS way" (and thus, the OGSA way).
/Olle
-----Original Message-----
From: owner-ogsa-sec-wg@gridforum.org
[mailto:owner-ogsa-sec-wg@gridforum.org]On Behalf Of Nataraj Nagaratnam
Sent: den 3 oktober 2002 17:00
To: ogsa-sec-wg@gridforum.org
Cc: Marty Humphrey
Subject: [ggf-ogsa-sec-wg] Plans for OGSA-SEC WG at GGF6
Greetings:
I would like to follow up on Marty's note. To be honest, we were expecting
to see some traffic in this mailing list, about the documents, agenda, etc.
- though the lack of traffic concerns us, we are assuming that you are all
swamped with other work and you will contribute to this WG - as we get
towards GGF and/or at the GGF BOF.
I would like to emphasize the importance of the expertise and experience
each one of you have gained in the Grid space. We all have faced problems
to be solved in this space, solutions we came up with, common usage pattens
that can be viewed as requirements, etc. It is really important to share
that experience, bring them out in the form of requirements, identify
components that need to be worked etc. This will form the foundation for
the challenging task of addressing the Grid security requirements within
OGSA.
Success of this workgroup depends on active participation from each of you!
Looking forward working with all of you. See you at GGF6,
For
- Marty and Raj
----- Forwarded by Nataraj Nagaratnam/Raleigh/IBM on 10/03/2002 10:48 AM
-----
|---------+------------------------------->
| | "Marty Humphrey" |
| | <humphrey@cs.virgini|
| | a.edu> |
| | Sent by: |
| | owner-ogsa-sec-wg@gr|
| | idforum.org |
| | |
| | |
| | 09/28/2002 11:22 AM |
| | |
|---------+------------------------------->
>-------------------------------------------------------------------------------
----------------------------------------|
|
|
| To: <ogsa-sec-wg@gridforum.org>,
<security-wg@gridforum.org>
|
| cc:
|
| Subject: Plans for OGSA-SEC WG at GGF6
|
|
|
|
|
>-------------------------------------------------------------------------------
----------------------------------------|
Folks,
(This is being sent to the ogsa-sec-wg mailing list as well as the
general
security mailing list. We will most likely stay on the ogsa-sec-wg
mailing
list from now on. To sign up for the ogsa-sec-wg mailing list, go to:
http://www.cs.virginia.edu/~humphrey/ogsa-sec-wg/ )
As of right now, we plan to have a single OGSA-SEC-WG session at GGF6
during the Tuesday lunch session (12-1:30). Part of the purpose of this
email is to determine if we should have two sessions.
The planned agenda for this single session is:
. Review of OGSA Sec WG Charter
. Discussion of the drafts of the two documents
. Set priorities for the specifications in the drafts
. Identify participants and get commitments for authors
of new versions of the drafts, specifications identified in the
drafts
Are there any other agenda items that people are interested in having?
Of course,
we are really looking for other topics and the leaders of these topics.
This
working group will not _work_ if it's just Raj, Frank, and me :-)
Raj has made an excellent suggestion to me, which I have included here.
As a
general model of the process of the WG, Raj believes that we should (I
believe
this as well):
[1] Ask for folks to feed in requirements they see in the "Grid"
space
[2] Validate whether those are already covered in the submitted docs
and
extend/modify as appropriate
[3] Identify the components that need to be built based on those
requirements
[4] Validate/extend/modify these components against the components
outlined
in the arch doc
[5] List the specifications that are needed to form an
open/standardized OGSA
security model
[6] Identify work that is in progress in the standards
organization/industry
in these areas
[7] Based on #6, identify the work that is not addressed elsewhere
and those
that are important to OGSA - this is important to spend the
energy in GGF
without duplicating efforts. Of course, if extensions or profiles
are
needed under GGF, we need to do that.
[8] Based on the identified set of specifications that we need to
work on,
try to prioritize the list and come up with a
dependency/deliverable
graph
[9] Suggest spinning off workgroups based on specs identified to be
started
under GGF (# above)
[10] Work on deliverables that reflect the architecture/components
based on
#4 and #8.
So, please recommend agenda items and leaders. In fact, we welcome any
discussion
regarding the direction/scope of the ogsa-sec-wg.
Again, we're planning on a very productive GGF6 session (or two)! We
hope to see
you there!
-- Marty and Raj
OGSA Sec WG Co-chairs
Marty Humphrey
Assistant Professor
Computer Science Department
University of Virginia