gws-wg agenda and meeting goals agenda summary of reference implementations vostore progress vostore...
TRANSCRIPT
![Page 1: GWS-WG agenda and meeting goals Agenda Summary of reference implementations VOStore progress VOStore issues and plans –How to reconcile VOStore and VOSpace?](https://reader035.vdocuments.net/reader035/viewer/2022080914/56649f555503460f94c78da5/html5/thumbnails/1.jpg)
GWS-WG agenda and meeting goalsAgenda • Summary of reference implementations • VOStore progress • VOStore issues and plans
– How to reconcile VOStore and VOSpace? – Does the DIME attachment method really work?
• VO basic profile • Security progress
– NVO progress (M. Graham: presentation) – EuroVO progress
• Security issues – Updated thoughts on certificate authorities – How to encode group attributes? – Details of delegation interface. – What community services do we need?
• Presentation: Italian work with Grid• Universal Worker Service: needed by other groups?
– Theory group – NVO/opticon s/w environment
![Page 2: GWS-WG agenda and meeting goals Agenda Summary of reference implementations VOStore progress VOStore issues and plans –How to reconcile VOStore and VOSpace?](https://reader035.vdocuments.net/reader035/viewer/2022080914/56649f555503460f94c78da5/html5/thumbnails/2.jpg)
Reference implementations• VOSI
– Caltech– JHU?– (AstroGrid)
• VOStore– AstroGrid– Caltech– ESO– JHU
• SSO– JHU– NCSA (including community services)– ESO– AstroGrid
• Any others?
![Page 3: GWS-WG agenda and meeting goals Agenda Summary of reference implementations VOStore progress VOStore issues and plans –How to reconcile VOStore and VOSpace?](https://reader035.vdocuments.net/reader035/viewer/2022080914/56649f555503460f94c78da5/html5/thumbnails/3.jpg)
VOStore/VOSpace issue
• Original plan: VOStore in 2005; VOSpace later– => independently accessible VOStore– => more function in VOStore than needed with
VOSpace– => allows v1.0 PR ~ December 2005
• Do we still want to do this?– Could we delay VOStore to wait for VOSpace?
• How much function does VOStore need to be independent?– How to handle naming of files?– Can we handle file sharing?– Can we handle groups?
![Page 4: GWS-WG agenda and meeting goals Agenda Summary of reference implementations VOStore progress VOStore issues and plans –How to reconcile VOStore and VOSpace?](https://reader035.vdocuments.net/reader035/viewer/2022080914/56649f555503460f94c78da5/html5/thumbnails/4.jpg)
VOStore DIME issue
• VOStore v0.18 says DIME is mandatory
• DIME implementations suck
• DIME is obsolete anyway (c.f. MTOM)
• Do we want to keep DIME in VOStore?
• If not, what replaces it?
![Page 5: GWS-WG agenda and meeting goals Agenda Summary of reference implementations VOStore progress VOStore issues and plans –How to reconcile VOStore and VOSpace?](https://reader035.vdocuments.net/reader035/viewer/2022080914/56649f555503460f94c78da5/html5/thumbnails/5.jpg)
Security componentsCommunity
services
Credential
cache
Client
application
A SOAPService
MyProxy SAMLLocalProxy
Digital Signature
Digital Signature
Delegation
Another
SOAP Service
Delegation
An HTTPS
service
TLS
![Page 6: GWS-WG agenda and meeting goals Agenda Summary of reference implementations VOStore progress VOStore issues and plans –How to reconcile VOStore and VOSpace?](https://reader035.vdocuments.net/reader035/viewer/2022080914/56649f555503460f94c78da5/html5/thumbnails/6.jpg)
Security issues: group attributes
• Several ways to encode “user x belongs to group y”:– SAML attributes in SOAP header (“push”)– SAML authority service in community (“pull”)– SAML in user id certificate (“push”)– Extra attribute certificates (“push” or “pull”)– Any others?
• Which?• Can we defer the decision until SSO v2?
![Page 7: GWS-WG agenda and meeting goals Agenda Summary of reference implementations VOStore progress VOStore issues and plans –How to reconcile VOStore and VOSpace?](https://reader035.vdocuments.net/reader035/viewer/2022080914/56649f555503460f94c78da5/html5/thumbnails/7.jpg)
Security issues: community services
• What services are to be IVOA standard?
• MyProxy
• SAML?
• Standard sign-on service?– UI, so need not be fully standard
![Page 8: GWS-WG agenda and meeting goals Agenda Summary of reference implementations VOStore progress VOStore issues and plans –How to reconcile VOStore and VOSpace?](https://reader035.vdocuments.net/reader035/viewer/2022080914/56649f555503460f94c78da5/html5/thumbnails/8.jpg)
Security issues: CAs
EuroVO CA
ESA CA
Sign
Sign
VO service
ESA user
Grid service
Grid CA
Sign
VO service
ESA user
Grid service
![Page 9: GWS-WG agenda and meeting goals Agenda Summary of reference implementations VOStore progress VOStore issues and plans –How to reconcile VOStore and VOSpace?](https://reader035.vdocuments.net/reader035/viewer/2022080914/56649f555503460f94c78da5/html5/thumbnails/9.jpg)
Security issues: delegation• Need delegation interface on SOAP services.
– Delegating client signs proxy credential for service receiving delegation
– One SOAP method to get unsigned credential– Another SOAP method to send signed credential– Precedes secured method(s)– OK?
• Similar with HTTPS– OK?