OGSA-AuthN BoF document and contributer slide

Immediate actions needed for OGSA-WG
Ą	develop basic, short-term use cases (AG)
Ą	develop profile to support these use cases in the next 3-6 months (AG)
no scope creep allowed for these actions, so as not to stall HPCP

Proposed work or documents
Ą	refine use of reusable tokens over secure channels in OGSA context
	(AS,BD;DS,NK)
	Ą	possible and probably based on WS-I, profiling for
		identity needed for how to talk to a service, use cases
		needed, including username/password over TLS, PKI, Krb.
	Ą	community practices document (AS): GFD.78, Unicore (DS),
		GRIA (??)
Ą	interfacing SAML to Grid (GridShib, ShibGrid, SHEBANG,
	SLCS/SWITCH like) Đ
	(NK, MJ, CW, VonW, TomS) Đ relate to the GridShib BoF
Ą	develop richer use cases to drive AuthN work (HK) -> working doc,
	no GFD track
	Ą	should be based on general OGSA use cases

Postp[oned items
Ą	AuthN roadmap (AS,NK Đ postponed till use case inventory complete)
	Ą	including schedule when to complete specifications
Ą	impersonation (postponed Đ 2-3yrs?)
	Ą	PROTOCOLs to convey this information, for PKI, SAML,
		restricted rights &c
	Ą	to create a SSO environment
	Ą	or where man-in-the-middle is completely invisible
	Ą	in federated idenity, the IdP is the entity; bearer credential
		influences LoA
	Ą	active and/or ÔpassiveŐ authentication profiles
Ą	conveyance of LoA in AuthN in protocols, (depends on LoA-RG output;
	need requirements first; -> postponed a bit)
	Ą	LoA consumption by services, identification of entities; do
		we know the format?


-- 
David Groep