This is a static archive of the previous Open Grid Forum Redmine content management system saved from host redmine.ogf.org file /dmsf_files/28 at Thu, 03 Nov 2022 23:10:32 GMT DMSF - CAOPS WG - Open Grid Forum
  Copy

Documents / Informational / Relying Party Defined Namespace Constraints Policies in a Policy Bridge PKI Environment (GFD-I.189) Notify

Revisions

Download

2012-06-25 05:57:29 by David Groep

Relying Party Defined Namespace Constraints Policies in a Policy Bridge PKI Environment (GFD-I.189)

Informational/GFD.189.pdf

Relying Party Defined Namespace Constraints (RPDNC) are limitations on the subject namespace issued by X.509 certification authorities (CAs) that are defined and enforced by the end-point at the relying party side. As grid authentication based on X.509 credentials provides the subject DN as a handle that identifies the authenticated entity, the capability to ensure subject name uniqueness is of critical importance in ensuring overall integrity of the authentication system.
This document described the rationale and use cases for relying party defined name space constraints, and lists the set of desired features a policy language expressing such constraints should have.

1.0

Approved

application/pdf 

204.6 kB


Final GFD version

Download

2012-06-25 05:56:53 by David Groep

Relying Party Defined Namespace Constraints Policies in a Policy Bridge PKI Environment

Informational/draft-ogf-caops-rpdnc-20100622

Relying Party Defined Namespace Constraints (RPDNC) are limitations on the subject namespace issued by X.509 certification authorities (CAs) that are defined and enforced by the end-point at the relying party side. As grid authentication based on X.509 credentials provides the subject DN as a handle that identifies the authenticated entity, the capability to ensure subject name uniqueness is of critical importance in ensuring overall integrity of the authentication system.
This document described the rationale and use cases for relying party defined name space constraints, and lists the set of desired features a policy language expressing such constraints should have.

0.2

Approved

application/msword 

236.5 kB


Final WG version

Download

2012-06-25 05:55:45 by David Groep

Relying Party Defined Namespace Constraints Policies in a Policy Bridge PKI Environment

Informational/Relying Party Defined Namespace Constraints Policies in a Policy Bridge PKI Environment.zip

Relying Party Defined Namespace Constraints (RPDNC) are limitations on the subject namespace issued by X.509 certification authorities (CAs) that are defined and enforced by the end-point at the relying party side. As grid authentication based on X.509 credentials provides the subject DN as a handle that identifies the authenticated entity, the capability to ensure subject name uniqueness is of critical importance in ensuring overall integrity of the authentication system.
This document described the rationale and use cases for relying party defined name space constraints, and lists the set of desired features a policy language expressing such constraints should have.

0.1

None

application/zip 

1.5 MB


Drafts

(1-3/3)

This is a static archive of the previous Open Grid Forum Redmine content management system saved from host redmine.ogf.org file /dmsf_files/28 at Thu, 03 Nov 2022 23:10:36 GMT