[caops-wg] Draft minutes from CAOPS Session on 16.10
David Chadwick
d.w.chadwick at kent.ac.uk
Mon Oct 22 04:43:34 CDT 2007
Hi Christos
I actually did send the X.501 substree specification to the list whilst
the meeting was still active, so the notes should reflect that I did
this during the meeting, rather than saying that I still have to do it
after the meeting
regards
David
Christos Kanellopoulos wrote:
> Dear all,
>
> Find below a draft version of the minutes from the CAOPS session on
> 16.10.2007. Please review them and send any comment to the list. On
> Wednesday 23.10.2007 I will upload it on GridForge.
>
> -C.
>
> CAOPS Session OGF 21 16.10.2007
> -------------------------------------
>
> Note Takers: Licia Florio, Christos Kanellopoulos
>
> -------------------------------------
>
>
> David Groep: Grid Certificate Profile
> .....................................
>
> x The document has finished the public comment period as of October 8.
>
> A1: David Groep to send email to the CAOPS mailing list with answers to
> the comments
> A2: Christos Kanellopoulos to test IE7 with CA certificate that has been
> reissued
> A3: By Nov 6 a new version of the document should be available that will
> address all the comments. There is going to be one week afterwards for
> group comments and then it will be pushed to the editor's queue.
>
>
>
> Yoshio Tanaka: Audit Document
> ..............................
>
> x New version of the document was uploaded to GridForge
>
> - Christos Kanellopoulos: The document should provide a generic
> framework for performing audits on Grid IdPs. We should remove any
> statements on the preferred answers for each question in the document
> - Mike Helm: This look very much like the spreadsheet that is being used
> within TAGPMA for CA accreditation.
>
> A4: Mike Helm to send the spreadsheet template at the CAOPS mailing lists
> A5: By end of November a new version of the document should be ready.
> Christos Kanellopoulos to help with the editing.
>
>
> David Groep: Name Constraints
> ..............................
>
> x Still waiting for the replies from the people at OGF 20 CAOPS session
> x The implementation details will be stripped off from the document and
> it will be focused on the requirements for providing namespace
> constraints at the policy lave.
>
> - David Chadwick: What we want to achieve with this document can be
> found in the initial X.509 specs that got completely twisted around '97.
> This is expected to be changed in the new versions of the X.509 document
> - David Chadwick: Wild-card matching, as it is expressed in the
> document, did not exist in the X.500 specs. Subtree matching was part of
> the specs though
> - David Groep: We've added wild-card matching exactly to perform subtree
> matching
>
> A6: David Chadwick to send details at the CAOPS mailing list
> A7: David Groep to update the document with reference to the documents
> that David Chadwick will (if and where necessary)
>
> - Rachana Ananthakrishna: Globus will implement Namespace policies
> within 2008 Q1. Going to use the current policy language
> - David Groep: suggested that Globus eliminates the 1024 char limitation.
>
> A8: New version of the document by late December
>
> Mike Helm: OCSP Requirements for Grids
> ......................................
>
> x The document was derailed from its initial scope during its
> development in the past two years.
> x We should revisit the document focusing on the Trusted Responder concept.
> x There is a lot of useful information within the document that could be
> used in future documents.
> x There is some work done in IETF that supersedes the document. However
> it is worth to look at Trusted Responder. Seems like the current trend
> is to use CRLs or short-lived certificates.
>
> - Mike Helm: Users seem to be happy with the current CRL solution. Even
> when they face problems, they prefer to (over) engineer around them.
> - Rachana Ananthakrishna: In order for Globus to start working on an
> implementation, they need to have specific requirements from the users
>
> A9: Mike Helm: New draft document by early January
>
>
> ------------------------------------------------------------------------
>
> --
> caops-wg mailing list
> caops-wg at ogf.org
> http://www.ogf.org/mailman/listinfo/caops-wg
--
*****************************************************************
David W. Chadwick, BSc PhD
Professor of Information Systems Security
The Computing Laboratory, University of Kent, Canterbury, CT2 7NF
Skype Name: davidwchadwick
Tel: +44 1227 82 3221
Fax +44 1227 762 811
Mobile: +44 77 96 44 7184
Email: D.W.Chadwick at kent.ac.uk
Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html
Research Web site: http://www.cs.kent.ac.uk/research/groups/iss/index.html
Entrust key validation string: MLJ9-DU5T-HV8J
PGP Key ID is 0xBC238DE5
*****************************************************************
More information about the caops-wg
mailing list