OGSA-Authentication Charter Birds-of-a-Feather session
Open Grid Forum 19, Chapel Hill, North Carolina, Feb. 1, 2007, 2:00-3:30 pm
Minutes taken by Jim Basney, NCSA

Alan presented the goals of the WG.
David presented the scope and proposed work.
Focus on WS-I profiles: TLS and SOAP message security.
Delegation is a fundamental OGSA requirement.
What does delegation have to do with authentication?  Is it authorization?
Should the group focus on impersonation?  Yes.
The group should refer to GFD.78 on the topic of delegation.
Verification of authentication credentials is in scope.
Use cases include both passive and active authentication.
Should this group address Shibboleth -> grid use cases?
Takuya Mori presented the two existing OGSA security documents:
1. OGSA Basic Security Profile 1.0 - Core
2. OGSA Security Profile 1.0 - Secure Channel
Username/password authentication is not supported by these documents.
Do these two work together?
#1 is targeted to message level security.
#2 is targeted to transport level security.
The discussion of the charter continued.
Document authors were solicited.
There's a clear requirement for username/password.
Other document ideas were considered.
First, we need a roadmap for the working group.
To address levels of assurance, we need the relying parties to define
their requirements, which this group can encode in certificates.
Let the LoA research group do their work first.
This group should leverage OGF liasons with IETF and OASIS.
Continued discussion on the mailing list.