WS-Trust and delegation

A discussion often taking place within the Grid community is the Grid Security Infrastructure (GSI) and the use of modified X.509 certificates for delegation scenarios (RFC 3820 – “Internet X.509 Public Key Infrastructure (PKI) Proxy Certificate Profile”). Not everyone agrees with the approach and, hence, the use of GSI sometimes means non-interoperable solutions. Credential-delegation, however, is often required in Grid and other environments.

I have blogged in the past about the work on delegation using SAML by my friend Marty and his team in Virginia. Today I had a look at the updated version of the WS-Trust (February 2005) specification and I saw that delegation is supported (I don’t know whether it was there in the previous version) in a WS environment and for any security tokens (not just X.509 certificates). This is very good news and another reason why the Grid community should be helping the industry to standardise and build the WS stack rather than trying to impose its own infrastructure (e.g. OGSI, WSRF, GSI).

Recent Posts

BrainExpanded – The Timeline

See "BrainExpanded - Introduction" for context on this post. Notes and links Over the years,…

4 days ago

BrainExpanded – Introduction

This is the first post, in what I think is going to be a series,…

4 days ago

Digital twin follow up

Back in February, I shared the results of some initial experimentation with a digital twin.…

2 weeks ago

Digital Twin (my playground)

I am embarking on a side project that involves memory and multimodal understanding for an…

10 months ago

“This is exactly what LLMs are made for”

I was in Toronto, Canada. I'm on the flight back home now. The trip was…

1 year ago

AI is enhancing me

AI as an enhancer of human abilities.

1 year ago