(r7) InterOpMay2006GridAndWebServices < IVOA

IVOA Web>IvoaEvents>InterOpMay2006>InterOpMay2006GridAndWebServices (revision 7) (raw view)~~EditAttach~~

---+ Agenda for GWS-WG sessions 1 & 2, Monday 14th May 2006

---++ Topics

   * SSO security
      * Issues with TLS (listed in methods document)
      * Issues with digital signature (listed in methods document)
      * Issues with certificate chains (listed in methods document)
      * Any other changes to methods document before v1.0 WD?
      * Log-in/community services
      * Registering secures services
      * Delegation: details of delegation service interface
      * Arrangements for interop tests
   * Universal worker service
      * New spec: 4 possible application contracts
      * Which contract(s) shall we develop?
   * Experiences with grid
   * Experiences with CEA
   * VO Support Interfaces
      * Where are the implementations?
      * Log harvesting - VOSpace or not?
      * Any changes needed before v1.0 WD?

---++ Presentations

   * NVO log-in service (RayPlante):  [[%ATTACHURL%/IVOAMay06Security.pdf][PDF]]
   * AstroGrid SSO demonstration (GuyRixon)
   * UWS v0.2 (GuyRixon)
   * NVO Extensible Secure Scalable Service Infrastructure (NESSSI) (RoyWilliams)
   * <nop>VisIVO: Interoperability Towards Grid (Alessandro Costa)
   * Harvesting logs (KevinBenson)

---++ Objectives

   * SSO methods document -> v1.0 WD
   * Plan SSO interop tests and assign volunteers
   * VOSI document -> v1.0 WD, OR
   * Define improvements to VOSI needed for v1.0 WD
   * Plan VOSI interop tests and assign volunteers
   * Decide which UWS contract(s) to implement

---++ Documents
   * [[http://www.ivoa.net/internal/IVOA/IvoaGridAndWebServices/VOSupportInterfaces-0.24.pdf][VO Support Interfaces v0.24]]
   * [[http://www.ivoa.net/internal/IVOA/IvoaGridAndWebServices/UWS-0.2.doc][Universal Worker Service v0.2]]
   * [[http://www.ivoa.net/internal/IVOA/IvoaGridAndWebServices/ivoa-auth-mech-0.2.doc][SSO  authentication methods v0.2]]
   * [[SecurityRegistryMetadata][Registry metadata for security]]

---++ Notes from the sessions

---+++ SSO

   * NVO's prototype UAS was demonstrated. 
   * NVO prototype operates a "weak" CA - only valid e-mail required to register.
   * Strong validation of registrations is being investigated. This may add extra elements to the SSO profile.
   * The [[http://www.pubcookie.org/][pubcookie system]] is used to maintain SSO between web portals. This mechanism may become part of the SSO profile.
   * The UAS/community log-in process uses MyProxy and doesn't specifically need a web-browser. Use of MyProxy (as opposed to WS-Trust) was reaffirmed for the v1.0 standard.
   * AstroGrid's prototype was demonstrated: community login + digital-signature of request to a service.
   * There is an open issue of what names for users are presented to services. Currently only X.500 from certificates. Is this enough? Do we need to correlate different X.500 DNs for the same scientist?
   * Authenticate-methods spec. got four clarifictions and can now go to v1.0WD immediately.
      * Decision: services using TLS _are_ expected to support RFC3820 proxy-certificates. This may rule out regular TLS implemenations.
      * Decision: no IETF extensions to TLS (other than RFC3820) need be supported.
      * Decision: doesn't matter which version of WS-Security is used, support them both (later resarch showed that it the wire protocol is the same for both versions if only digital signature is used).
      * Decision: certificate-chain checking must respect limits on chain length stated inside certificates.
   * Volunteers for SSO interop-trials:
      * NVO - RayPlante, MatthewGraham
      * ESO - Paul Harrison
      * AG - GuyRixon, DaveMorris





---+ Agenda for GWS-WG sessions 3 & 4, Friday 18th May 2006

Topics:

   * VOSpace
      * Reprise: what happened to VOStore?
      * Finalize the operation names
      * Finalize the identifier scheme
      * Finalize the operation semantics
      * WSDL: how to represent different kinds/levels of service?
      * Road-map: features held over to later versions of VOSpace

   * Presentations
      * Change from VOStore to VOSpace (MatthewGraham)
      * VOStore operations and their semantics (DaveMorris)
      * VOStore WSDL (PaulHarrison)
      * Road-map (speaker TBD)

   * Objectives
      * V1.0 WD of spec.
      * Plan for interop. tests 










<br/>
<!--
      * Set ALLOWTOPICRENAME = %MAINWEB%.TWikiAdminGroup
-->
   * : Ray Plante's presentation

Attachments

Topic attachments
I	Attachment	History	Action	Size	Date	Who	Comment
pdf	IVOAMay06Security.pdf	r1	manage	1839.8 K	2006-05-15 - 18:36	RayPlante	Ray Plante's presentation

Topic revision: r7 - 2006-05-18 - GuyRixon

IVOA

Log in or Register

IVOA.net
Wiki Home
WebChanges
WebTopicList
WebStatistics

Twiki Meta & Help
IVOA
Know
Main
Sandbox
TWiki

TWiki intro
TWiki tutorial
User registration
Notify me

Working Groups

Interest Groups

Time Domain

Committees

Stds&Procs

www.ivoa.net
Documents
Events
Members
XML Schema