Minutes of the OGSA Data WG telcon, 12th October 2005 0) Actions arising - Dave to put slides and reports from GGF on GridForge. - Dave to forward OGSA-DAI internal memo to Allen - Allen to comment on OGSA 1.5 draft; Dave to revise and send to list - Dave to send F2F plans to mailing list. - Peter to rewrite storage managment section to reflect changes from GSM-WG. - Allen to write text about policy. - Allen to write an overview section on security - Section authors to add security notes to their sections, once the overview is ready. - Dave to revamp section 3 of the architecture document - Everyone to talk with your contacts to get more participation in this WG. - Allen/Dave to contact David Martin & Hiro Kishimoto to get reviewers & expert participation (after internal reviews). 1) Early discussion * Roll call Dave Berry, NeSC (Note taker) Fred Maciel, Hitachi Allen Luniewski, IBM Peter Kunszt Mario Anotonioletti, EPCC The minutes from September 28th were approved. 2) Action report - Various actions relating to GGF15 [Done] - Dave to chase section authors re dates for their review sessions [We have revised the telcon schedule - see later] - Mario to check whether internal OGSA-DAI notes on security could be released, possibly just to Allen and Dave [Done. Dave to forward to Allen; Allen must not redistribute it.] - Dave to redraft data sections for OGSA 1.5 document [Ongoing. Dave has done a first draft, Mario has commented, Allen will comment. Dave to revise and send this to the OGSA-D list.] - Allen to write an overview section on security [Ongoing] - Section authors to add security notes to their sections, once the overview is ready. - Dave to revamp section 3 of the architecture document [Ongoing] - Everyone to talk with your contacts to get more participation in this WG. [Ongoing] - Allen/Dave to contact David Martin & Hiro Kishimoto to get reviewers & expert participation (after internal reviews). New action: Dave to put slides and reports from GGF on GridForge. 3) Planning our first drafts Allen & Dave have drafted a timetable for completing the first draft of both documents. This includes telcon schedules and F2F meetings. We will present this and discuss. Fred offerred to host OGSA Data meeting on Jan 16th if Hiro can't host it at Fujitsu. Dave to send plans to mailing list. Peter to rewrite storage managment section to reflect changes from GSM-WG. 4) Security Discussion It's clear that we can't get too involved in detailed security discussions. A key architectural issue is that we need to identify where authentication/authorisation activities should happen: (i) when an operation is called, (ii) when moving from the web service world to a data resource itself (and vice versa), (iii) when sending data as a result of an operation. We also need to consider the need to associate security policies with data itself (as opposed to data resources), and how to specify encryption for data movement resulting from operations. We need to think about TLS vs MLS vs None, and make a statement in the document. There are use cases that are not covered by existing Grid security standards, e.g. authentication may be restricted by physical location as well as users. We should produce use cases. We should also consider trust. Do we require AA at each level of a stack or can some services trust others above or below them? Requiring repeated AA would be a significant performance hit. We need to make the expression of policy more explicit in the architecture document. Allen to write text about this. 5) Wrap up DONM - THURSDAY 20th: OGSA 1.5 revision