Wiki
Version 3 (David Groep, 10/10/2012 03:38 PM)
| 1 | 1 | David Groep | h1. Mission |
|---|---|---|---|
| 2 | 1 | David Groep | |
| 3 | 1 | David Groep | There are currently multiple implementations validating VOMS credentials, and all of these have had to make uncoordinated choices in how to interpret bags of attributes. For security and integrity reasons alone it is needed that the interpretation of attributes is consistent. The scope is deliberately limited to writing two specific documents in a narrow subject space, for which insufficient guidance exists but where active work is ongoing. |
| 4 | 1 | David Groep | |
| 5 | 1 | David Groep | h1. Documents |
| 6 | 1 | David Groep | |
| 7 | 1 | David Groep | h3. Published GFDs |
| 8 | 1 | David Groep | |
| 9 | 2 | David Groep | _none yet_ |
| 10 | 1 | David Groep | |
| 11 | 1 | David Groep | h3. Documents currently under consideration by the CAOPS-WG |
| 12 | 1 | David Groep | |
| 13 | 1 | David Groep | * VOMS Attribute Certificate Parsing Rules for Chained Identity Credentials (http://redmine.ogf.org/dmsf_files/159) (editors: David Groep, Mike Jones) |
| 14 | 1 | David Groep | > * determining the effective attribute set for collated VOMS attributes as presented in a hierarchical chain of identity credentials |
| 15 | 1 | David Groep | > * order in which attributes are to be interpreted |
| 16 | 1 | David Groep | > * how to determine the set of valid attributes in case one out of a bag of VOMS ACs at the same level has expired |
| 17 | 1 | David Groep | |
| 18 | 2 | David Groep | * Understanding parsing rules for collated VOMS SAML space (_not available yet_) |
| 19 | 3 | David Groep | > * how validation parsing rules should be applied for collated VOMS attributes when used in a SAML environment |
| 20 | 3 | David Groep | > * how to different forms of delegation in SAML (e.g. who confirms the subject) impact the way attributes are to be interpreted |