A discussion often taking place within the Grid community is the Grid Security Infrastructure (GSI) and the use of modified X.509 certificates for delegation scenarios (RFC 3820 – “Internet X.509 Public Key Infrastructure (PKI) Proxy Certificate Profile”). Not everyone agrees with the approach and, hence, the use of GSI sometimes means non-interoperable solutions. Credential-delegation, however, is often required in Grid and other environments.
I have blogged in the past about the work on delegation using SAML by my friend Marty and his team in Virginia. Today I had a look at the updated version of the WS-Trust (February 2005) specification and I saw that delegation is supported (I don’t know whether it was there in the previous version) in a WS environment and for any security tokens (not just X.509 certificates). This is very good news and another reason why the Grid community should be helping the industry to standardise and build the WS stack rather than trying to impose its own infrastructure (e.g. OGSI, WSRF, GSI).
See "BrainExpanded - Introduction" for context on this post. Notes and links Over the years,…
This is the first post, in what I think is going to be a series,…
Back in February, I shared the results of some initial experimentation with a digital twin.…
I am embarking on a side project that involves memory and multimodal understanding for an…
I was in Toronto, Canada. I'm on the flight back home now. The trip was…