Site Requirements for Authentication, Authorization, and Accounting

Status

The Research Group is convened, though there remain a few issues.
1) We need to select a second Chair
2) We are asked to expand scope to solicit input from users

Review the Charter
Charter

Organizational

Review Contributed Documents list (30 minutes)

Documents link

Discuss RG Document Outline (40 minutes)

What are the document(s)

Issues List ?

Requirements List ?

Assign RG Document Section Editors (10 minutes)

Session 2

Authentication

Bob - aVOMS Proposal from Andy H.

Discuss whether or not users should have control of their private key and how little you should trust the authentication in that case.

Discuss need to changing agreements with worldwide CAs to have a server / service acquire and hold the private keys of individuals.

Authorization

Matt - Site Authorization server
Rich - VO user management model
Doug - Case study on how site authorization works now

Who is the VO? Sites seem to be guessing at the VO requirements. It would be really good to have a discussion between those representing a VO and those doing the resource implementations. For one thing, the VO reps seem to think in terms of groups and classes of users and the resource owners often don't want to have to deal with that level of complexity.

Accounting

Presentation by Shawn Mullen ?

Review Authentication Section Issues Draft (30 minutes)
Extract Authentication Section Requirements (15 minutes)
Review Authorization Section Draft (30 minutes)
Extract Authorization Section Requirements (15 minutes)
Wrapup