SSO major editing

[Bertocco, Sara]

Hi all and particularly SSO authors,
I did a major editing of the single sign-on document re-organizing it and
proposing some content. I would like to have your comments and input.
Because it is really work in progress, I left it in a fork with a dedicated
branch in
https://github.com/bertocco/  branch major_editing
Trying to make easier read and comment, I put my comments and things that
need attention in red and here I summarise the main changes:
1) The arguments order is changed: before the accepted authentication
mechanisms, then bootstrapping and ivoa-challenge and then how to use them
all with examples (trying to address issue #6). Examples need a deep review
and, possibly, contributions.
2) I specified well that OAuth is an authorization and not authentication
protocol (issues #7 and #8) and how it is used
3) I did not remove SecurityMethod (as I proposed in issue #5) because I
used it to indicate the standard_id and left, as optional (MAY), the
possibility to register a service declaring the supported SecurityMethod.
This accepts the Brian's comment in Issue #5 to support a transition period.
4) Has to be decided if the ivoa-challenge MUST or SHOULD be implemented.
Someone proposed SHOULD, to allow a smooth transition to the new version of
the standard and I agree and put SHOULD, by the moment.
By the moment, I'm sending this e-mail to the GWS list.
If someone is interested, let me know and I'll try to arrange an on-line
meeting before the Sydney interop.
Cheers, Sara
Cheers, Sara
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ivoa.net/pipermail/grid/attachments/20240503/02db78d8/attachment.htm>