[gridshib-user] SAML Holder-of-Key Authentication in GridShib (Google Summer of Code @ Globus)

To: "GridShib Users" <gridshib-user@xxxxxxxxxx>

Subject: [gridshib-user] SAML Holder-of-Key Authentication in GridShib (Google Summer of Code @ Globus)

From: "Joana M. F. Trindade" <jmftrindade@xxxxxxxxx>

Date: Tue, 19 Aug 2008 19:31:36 -0300

Delivered-to: glbs-gridshib-user-sendit@mailbouncer.mcs.anl.gov

Delivered-to: glbs-gridshib-user@mailbouncer.mcs.anl.gov

Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:mime-version:content-type; bh=qwzrSxoWYUPjNmI649+C3iELRLAVogpJrMQzWMNxBrM=; b=ZPqfzfAdtoYEwHc1X19AQ4btwlX6H0/e7rUs6itBbCp8htVIKMDZbl8B5Nr/Q2zoxu dEIL8wSypAoyT7qjyG1o/e1jN+zoOe61coZwkpkACe7MKwXVf/W3m+/v1GiHbMmFz/h1 FXhj51nsIay8RH1PllCU4y6PGo0Fz0c1RwEMk=

Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type; b=p6PtejHOcEggnDqvOO78cXtLWweUJfpqEu61jB5+WcUhEBY8hlj1j65hDgpZLwAhma Gfvy+4cLYznYIaogMZejOwlocs+1IqU6VOmBl+/gEVQd23lLEoz7byIXrTF9AHyK5fKD MSqrOw+UCFXButujspDIPrAde2jHpJpGmGSIY=

Sender: owner-gridshib-user@xxxxxxxxxx

Today the GridShib project is pleased to announce the first release
of the project "SAML Holder-of-Key Authentication for HTTP Single
Sign-On in GridShib", implemented as part of the Google Summer
of Code 2008 Program. See the project wiki for links to the distribution
files and accompanying documentation:

http://dev.globus.org/wiki/GSoC08/SAML_Holder_of_Key_Authn_for_HTTP_SSO

The ultimate goal in this project is to convert a campus credential (e.g., a
username/password) into a grid credential. An intermediate step along
the way to this goal is to convert a campus credential into a signed,
holder-of-key SAML assertion.

In this context, the project offers two components: a plugin for the
Shibboleth Identity Provider (IdP) that enables it to issue Holder-of-Key
SAML assertions, and a client component that sends SAML authentication
requests to the IdP.

Although there are no firm plans to do so at this time, the next step in the
development would be to extend the current project to support the non-browser
user. This requires modifications to both the IdP plugin and the client. The current
plugin and client will not produce a holder-of-key SAML assertion that
is usable in the grid.

We look forward to hearing from you regarding the project. Any comments
and feedback are most welcome.

Joana Trindade
for the GridShib team

--
Joana M. F. da Trindade

Email: jmftrindade@xxxxxxxxxxxx
Personal Homepage: http://joanatrindade.wikidot.com
LinkedIn: http://www.linkedin.com/in/joanatrindade