Subject: Re: [security-services] comments re draft-sstc-metadata-iop-03
On Sun, Feb 15, 2009 at 1:09 PM, Tom Scavo <trscavo@gmail.com> wrote:
>
> Taking all of these requirements into consideration, the SAML metadata
> consumed by the grid SP will include a custom <md:RoleDescriptor>
> element of type ScienceGatewayDescriptorType containing one or more
> <md:KeyDescriptor> elements, each containing a <ds:X509SubjectName>
> element. The custom <md:RoleDescriptor> element also contains one or
> more extended Scope elements. Finally, standard <md:Organization> and
> <md:ContactPerson> elements give the required contact information for
> the gateway.

The schema and an example are located here:

http://docs.google.com/Doc?id=ddj3qnj2_228hdzcdmhb

Full certificates in metadata are not ruled out, but not all gateways possess such certificates, and even if they did, the information system does not store certificates, it stores DNs. Moreover, we are moving away from long-lived certificates.

Tom
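As an added illustration (not part of the original message, and not the schema linked above), this sketch shows how a consuming SP could read the DN bindings and scopes out of such a RoleDescriptor and check a presented certificate subject against them. The sample metadata, the `gw` namespace URI, the entityID and the function names are all constructed assumptions.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
DS = "http://www.w3.org/2000/09/xmldsig#"
XSI = "http://www.w3.org/2001/XMLSchema-instance"

# Constructed sample. The gw namespace URI is a placeholder, not the real schema's.
SAMPLE = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:gw="urn:example:gateway-metadata"
    entityID="https://gateway.example.org/sp">
  <md:RoleDescriptor xsi:type="gw:ScienceGatewayDescriptorType"
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509SubjectName>CN=Example Gateway, O=Example Grid, C=US</ds:X509SubjectName>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <gw:Scope>example.org</gw:Scope>
  </md:RoleDescriptor>
</md:EntityDescriptor>"""

def normalize_dn(dn):
    """Simplified DN normalization: trims RDNs, upper-cases attribute types.
    Does not handle escaped commas or multi-valued RDNs."""
    rdns = []
    for rdn in dn.split(","):
        attr, _, value = rdn.strip().partition("=")
        rdns.append(attr.strip().upper() + "=" + " ".join(value.split()))
    return ",".join(rdns)

def gateway_trust(metadata_xml):
    """Map entityID -> {"dns": normalized DNs, "scopes": scope strings}.
    Assumes the metadata signature was verified before parsing."""
    trust = {}
    for entity in ET.fromstring(metadata_xml).iter(f"{{{MD}}}EntityDescriptor"):
        for role in entity.findall(f"{{{MD}}}RoleDescriptor"):
            # ElementTree drops prefix bindings, so only the local part is checked.
            if role.get(f"{{{XSI}}}type", "").split(":")[-1] != "ScienceGatewayDescriptorType":
                continue
            entry = trust.setdefault(entity.get("entityID"), {"dns": set(), "scopes": []})
            for kd in role.findall(f"{{{MD}}}KeyDescriptor"):
                for name in kd.iter(f"{{{DS}}}X509SubjectName"):
                    entry["dns"].add(normalize_dn(name.text or ""))
            entry["scopes"] += [c.text.strip() for c in role
                                if c.tag.rsplit("}", 1)[-1] == "Scope" and c.text]
    return trust

def is_trusted(subject_dn, entity_id, trust):
    """True only if the presented certificate subject is bound to that gateway."""
    return normalize_dn(subject_dn) in trust.get(entity_id, {}).get("dns", set())
```

A DN carries no key material, so a match from `is_trusted` is meaningful only after the presented certificate chain has been validated against a CA the SP trusts.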