From: Arlene Allen <arlene.allen@isc.ucsb.edu>
To: David H Walker <dhwalker@ucdavis.edu>
Cc: Korambath, Prakashan <ppk@ats.ucla.edu>, Labate, Bill <labate@ats.ucla.edu>, Jin, Kejian <kjin@ats.ucla.edu>, Kathleen M Beyer <kmbeyer@ucdavis.edu>, Wu, Albert <albertwu@ucla.edu>
Subject: Re: UC-wide authentication for UC Grid
Date: Mon, 9 Feb 2009 14:35:30 -0800
I asked Rich last week if he could give me a synopsis of his current thinking. I haven't heard from him, so he may not be around. Prior, admitedly many months now, discussions revolved around how UC Grid would authenticate in the context of one or more campuses joining other grids - open science, texas open grid, teragrid etc. There was also concern over what the costs (how to execute) might be per campus, in any architecture that was primarily based on an externalized pki security model. I would prefer for him to provide his current thinking though. Teragrid is already in InCommon and I thought texas was doing it too from a conversation I had at Educause, but they don't seem to be listed.
On the first bullet enhancement you mentioned David, is this the typical x.509 deployment in an ldap environment you are thinking of - public key stored in the directory?
arlene