GGF5 BOF Minutes

Site Authentication, Authorization, and Accounting - GGF5

Agenda:
1. Introduction of proposed RG charter
2. Present overview of US PPDG Site-AAA project
3. Present overview of EDG AAA efforts
4. Discuss RG formation and charter

Meeting Notes: 24/07/2002

1. Introduction of proposed RG charter

Dane Skow, Fermilab, introduced the proposed charter.

Charter draft revised from previous circulated version to  closer
match the GGF requirments.

Group name: Large Site requirements for Grid Identity & AAA
Chairs: TBD
Secretary/Document Editor: TBD
Mailing list: TBD
Web Site: TBD

Purpose: The purpose of this research group is to collect and codify
 the requirements of existing large grid resource sites with respect
 to the acceptance of grid credentials for access to their services.
 Where those requirements are non-uniform, or even mutually exclusive,
 the group will strive to determine interfaces which grid toolkits or
 applications need to provide for the sites to insert their own
 implementations of their requirements.

 Examples of large site requirements may include the following
   Feature requirements: Control points, Initiator identification,
   Uniqueness of identities;
   Operational requirements: strength and robustness,
   interoperability, scalable sitewide authorization controls.

 The output of this research group will be an informational or community
practices GGF document which grid application and library coders can use
as a reference guide, and suggestions for future development work in GGF
working groups.

2. Present overview of US PPDG Site-AAA project

Bob Cowles presented status. Talk to be available at
http://www.ppdg.net/pa/

3. Present overview of EDG AAA efforts

Luca dell Agnello summarized EDG efforts in authorization control
??? (didn't catch name) summarized EDG efforts on accounting

4. Discuss RG formation and charter

Questions:
	What is meant by Large-Site and should we not include general
site requirements as scope ?  (not resolved. concern of scope creep to be
balanced against multiple groups addressing similar concerns.)
	How will this effort engage/affect University collaborators of
large sites ? (collaborators may enter the GRID at their university site
or a remote members of the resource provider's site (eg. Labs) )
	Remove "interfaces" and replace with language that indicates more
clearly that the scope is not API writing, but rather
control/customization point identification. (agreed)
	Should we address implementation quality concerns ? (no)
	Are there not already efforts done or underway to form such
issues lists ? (Probably, but none published in the Grid Forum community.
Need document to archive this info for reference by new developers and
grid deployers.)