-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 03/09/2011 09:35 PM, Melinda Shore wrote:
> On Mar 9, 2011, at 11:32 AM, Sam Hartman wrote:
>> we've definitely seen significant interest from the VO use case. However
>> I'm not entirely sure that's the same as the campus use case.
>
not speaking as chair in any way...
> I don't think so. In the grid context a VO can
> be pretty dynamic. Might be worth checking out
> the use cases at the Globus Consortium and the
> Open Grid Foundation.
Right. We touched on this very briefly in China I think. There was
a discussion about the need to incorporate attribute authorities
that are separate from identity providers in the model. In the
WebSSO case this corresponds to an entity that (only) implements
attribute SAML query (typically using the SOAP binding).
In WebSSO land (and I suspect this will be true for abfab aswell)
there are different schools of thought as to how such attribute
authorities become part of an authentication flow. One school
favors proxy IdPs and one prefers having the service provider
query the AA directly. Both have their benefits and drawbacks.
Cheers Leif
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk136gYACgkQ8Jx8FtbMZnfVtACgnoKmrRKR8Va0fC/v5bfe8use
IIYAoJ3Dd2MwQ4fRxdLLXbggmH1o94Ig
=s8II
-----END PGP SIGNATURE-----
_______________________________________________
abfab mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/abfab
