MSO and multiple communities

Tue Jul 6 08:27:56 PDT 2004

So not anything that grew from an AstroGrid-1 community, then?

On Tue, 6 Jul 2004, Tony Linde wrote:

> > I'm not sure I see the problem though.
> > It puts the responsibility on Community administrators to
> > make their Communities trustworthy.
> >
> > Don't register with an insecure Community.
>
> Agreed.
>
> T.
>
> > -----Original Message-----
> > From: Dave Morris [mailto:dave at ast.cam.ac.uk]
> > Sent: 06 July 2004 16:03
> > To: Guy Rixon
> > Cc: Tony Linde; grid at ivoa.net
> > Subject: Re: MSO and multiple communities
> >
> > Guy Rixon wrote:
> >
> > >On Tue, 6 Jul 2004, Tony Linde wrote:
> > >
> > >
> > >
> > >>>If we say that a user can be in a group in a community but not
> > >>>actually in that community, then isn't a bit hard?
> > >>>
> > >>>
> > >>Why? The list of members in the group includes that user's
> > account id. No?
> > >>
> > >>
> > >
> > >Suppose my identity is in community C1 and my group is in C2.  My
> > >target service trusts C2 but not C1.
> > >
> > If the service S does not trust your originating community
> > C1, then you can't access the service.
> > End of story.
> >
> > I'm not sure I see the problem though.
> > It puts the responsibility on Community administrators to
> > make their Communities trustworthy.
> >
> > Don't register with an insecure Community.
> >
> > Dave
> >
>

Guy Rixon 				        gtr at ast.cam.ac.uk
Institute of Astronomy   	                Tel: +44-1223-337542
Madingley Road, Cambridge, UK, CB3 0HA		Fax: +44-1223-337523