[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [ggf-ogsa-sec-wg] Plans for OGSA-SEC WG at GGF6
Olle,
I would just like to echo Raj's comments, but from a somewhat different
perspective.
I am a University Professor directing a research program. Simply, if I
didn't believe that there were plenty of research issues here, I
wouldn't be involved in this. Additionally, I would also not be involved
here if I didn't think I could make an *impact*.
Healthy skepticism is good. But I think the grid community has a unique
set of requirements and a unique set of (actual and proposed) solutions
that could shape the WS security map. I'm hoping others feel the same
way.
I certainly appreciate your comments, because I know that others feel
this way as well.
-- Marty
Marty Humphrey
Assistant Professor
Computer Science Department
University of Virginia
> -----Original Message-----
> From: owner-ogsa-sec-wg@gridforum.org [mailto:owner-ogsa-sec-
> wg@gridforum.org] On Behalf Of Nataraj Nagaratnam
> Sent: Thursday, October 03, 2002 1:59 PM
> To: Olle Mulmo
> Cc: Marty Humphrey; ogsa-sec-wg@gridforum.org
> Subject: RE: [ggf-ogsa-sec-wg] Plans for OGSA-SEC WG at GGF6
>
>
> Point well taken. Being a co-author of the IBM/MS work, I understand
your
> point very well.
>
> Strictly speaking in the context of this WG, I would like to point out
> that
> this workgroup is formed to capture the requirements as applicable to
OGSA
> environment, lay out an architecture, and identify components be
worked on.
> This WG will not be getting into solving those requirements nor
working on
> specifications for those components that need to be worked on. If some
of
> those components are already worked on elsewhere, then those can be
> factored in - and embraced as appropriate. For those that are not
> addressed
> elsewhere or where it doesn't address the requirement completely, then
WGs
> would need to be formed and worked on - to write new specs or some
form of
> profiles to those frameworks.
>
> Thanks,
> Raj
>
>
>
>
>
> |---------+---------------------------->
> | | "Olle Mulmo" |
> | | <mulmo@pdc.kth.se|
> | | > |
> | | |
> | | 10/03/2002 12:03 |
> | | PM |
> | | |
> |---------+---------------------------->
>
>-----------------------------------------------------------------------
> ------------------------------------------------|
> |
> |
> | To: Nataraj Nagaratnam/Raleigh/IBM@IBMUS, <ogsa-sec-
> wg@gridforum.org> |
> | cc: "Marty Humphrey" <humphrey@cs.virginia.edu>
> |
> | Subject: RE: [ggf-ogsa-sec-wg] Plans for OGSA-SEC WG at
GGF6
> |
> |
> |
> |
> |
>
>-----------------------------------------------------------------------
> ------------------------------------------------|
>
>
>
>
> My two pessimistic cents:
>
> I have a general feeling that people don't put much effort into
> this area (except for PhD students who need to finish their
> dissertations...) before more has come out of the WS-Security
> world.
>
> It's the ketchup bottle effect, I suppose: no point in doing
> something if the giants are about publish something a couple of
> months from now that will change the playing field. I constantly
> hear the argument "Well, let's see what the MS/IBM guys cook up
> first, and we'll revisit this later".
>
> <disclaimer>
> This is merely a reflection on my observations and conclustions. It
> has nothing to do with my beliefs: I believe we should have the
> discussion flowing right now -- and it is, but in a more general
> context and on the security-wg list. Question is to what extent we
> are ready/able to speak about OGSA details.
> </disclaimer>
>
> ---
>
> Example of what I mean:
>
> I have investigated session key agreements within the WS framework
> and derivation of such keys, in much reflecting on work that is
> ongoing in the IPSEC world. The idea is that a WS "discussion" will
> typically last for a time period that is different than any underlying
> transport protocol session: also, other things such as not having to
> rely on the underlying protocol providing security and end-to-end
> confidentiality in case of relays are good things to have.
>
> I have done some preliminary tests just to prove that my approach
> would work, but I haven't bothered putting too much effort into
> that last step, cleaning up the WSDL, documenting it, packaging it all
> up and making it available to the community: in part because I'm not
> sure it's worth it, as I expect the big MS/IBM steam roller to soon
> come around the corner and declare how things should have been done
> instead, "the WS way" (and thus, the OGSA way).
>
> /Olle
>
> -----Original Message-----
> From: owner-ogsa-sec-wg@gridforum.org
> [mailto:owner-ogsa-sec-wg@gridforum.org]On Behalf Of Nataraj
Nagaratnam
> Sent: den 3 oktober 2002 17:00
> To: ogsa-sec-wg@gridforum.org
> Cc: Marty Humphrey
> Subject: [ggf-ogsa-sec-wg] Plans for OGSA-SEC WG at GGF6
>
>
> Greetings:
>
> I would like to follow up on Marty's note. To be honest, we were
expecting
> to see some traffic in this mailing list, about the documents, agenda,
etc.
> - though the lack of traffic concerns us, we are assuming that you are
all
> swamped with other work and you will contribute to this WG - as we
get
> towards GGF and/or at the GGF BOF.
>
> I would like to emphasize the importance of the expertise and
experience
> each one of you have gained in the Grid space. We all have faced
problems
> to be solved in this space, solutions we came up with, common usage
> pattens
> that can be viewed as requirements, etc. It is really important to
share
> that experience, bring them out in the form of requirements, identify
> components that need to be worked etc. This will form the foundation
for
> the challenging task of addressing the Grid security requirements
within
> OGSA.
>
> Success of this workgroup depends on active participation from each of
> you!
> Looking forward working with all of you. See you at GGF6,
>
> For
> - Marty and Raj
>
>
> ----- Forwarded by Nataraj Nagaratnam/Raleigh/IBM on 10/03/2002 10:48
AM
> -----
> |---------+------------------------------->
> | | "Marty Humphrey" |
> | | <humphrey@cs.virgini|
> | | a.edu> |
> | | Sent by: |
> | | owner-ogsa-sec-wg@gr|
> | | idforum.org |
> | | |
> | | |
> | | 09/28/2002 11:22 AM |
> | | |
> |---------+------------------------------->
>
>
>-----------------------------------------------------------------------
--
> ------
>
> ----------------------------------------|
> |
> |
> | To: <ogsa-sec-wg@gridforum.org>,
> <security-wg@gridforum.org>
> |
> | cc:
> |
> | Subject: Plans for OGSA-SEC WG at GGF6
> |
> |
> |
> |
> |
>
>
>-----------------------------------------------------------------------
--
> ------
>
> ----------------------------------------|
>
>
>
> Folks,
>
> (This is being sent to the ogsa-sec-wg mailing list as well as the
> general
> security mailing list. We will most likely stay on the ogsa-sec-wg
> mailing
> list from now on. To sign up for the ogsa-sec-wg mailing list, go to:
> http://www.cs.virginia.edu/~humphrey/ogsa-sec-wg/ )
>
> As of right now, we plan to have a single OGSA-SEC-WG session at GGF6
> during the Tuesday lunch session (12-1:30). Part of the purpose of
this
> email is to determine if we should have two sessions.
>
> The planned agenda for this single session is:
> . Review of OGSA Sec WG Charter
> . Discussion of the drafts of the two documents
> . Set priorities for the specifications in the drafts
> . Identify participants and get commitments for authors
> of new versions of the drafts, specifications identified in the
> drafts
>
> Are there any other agenda items that people are interested in having?
> Of course,
> we are really looking for other topics and the leaders of these
topics.
> This
> working group will not _work_ if it's just Raj, Frank, and me :-)
>
> Raj has made an excellent suggestion to me, which I have included
here.
> As a
> general model of the process of the WG, Raj believes that we should (I
> believe
> this as well):
> [1] Ask for folks to feed in requirements they see in the "Grid"
> space
> [2] Validate whether those are already covered in the submitted
docs
> and
> extend/modify as appropriate
> [3] Identify the components that need to be built based on those
> requirements
> [4] Validate/extend/modify these components against the components
> outlined
> in the arch doc
> [5] List the specifications that are needed to form an
> open/standardized OGSA
> security model
> [6] Identify work that is in progress in the standards
> organization/industry
> in these areas
> [7] Based on #6, identify the work that is not addressed elsewhere
> and those
> that are important to OGSA - this is important to spend the
> energy in GGF
> without duplicating efforts. Of course, if extensions or
profiles
> are
> needed under GGF, we need to do that.
> [8] Based on the identified set of specifications that we need to
> work on,
> try to prioritize the list and come up with a
> dependency/deliverable
> graph
> [9] Suggest spinning off workgroups based on specs identified to be
> started
> under GGF (# above)
> [10] Work on deliverables that reflect the architecture/components
> based on
> #4 and #8.
>
> So, please recommend agenda items and leaders. In fact, we welcome any
> discussion
> regarding the direction/scope of the ogsa-sec-wg.
>
> Again, we're planning on a very productive GGF6 session (or two)! We
> hope to see
> you there!
>
> -- Marty and Raj
> OGSA Sec WG Co-chairs
>
> Marty Humphrey
> Assistant Professor
> Computer Science Department
> University of Virginia
>
>
>
>
>
>
>
>
>
>
>