IVOA Recommendation: IVOA Single-Sign-On Profile: Authentication   Mechanisms Version 1.01

Guy Rixon; Matthew Graham; Grid; Web Services Working Group

arXiv:1110.0506·astro-ph.IM·June 5, 2019

IVOA Recommendation: IVOA Single-Sign-On Profile: Authentication Mechanisms Version 1.01

Guy Rixon, Matthew Graham, Grid, Web Services Working Group

PDF

TL;DR

This paper details the approved client-server authentication mechanisms for the IVOA single-sign-on profile, including digital signatures, TLS with passwords, and TLS with client certificates, with normative implementation rules based on existing standards.

Contribution

It standardizes and specifies the authentication mechanisms for IVOA's single-sign-on profile, providing normative rules referencing established standards.

Findings

01

Defines digital signatures for SOAP services

02

Specifies TLS with passwords for user sign-on

03

Recommends TLS with client certificates for other services

Abstract

Approved client-server authentication mechanisms are described for the IVOA single-sign-on profile: digital signatures (for SOAP services); TLS with passwords (for user sign-on points); TLS with client certificates (for everything else). Normative rules are given for the implementation of these mechanisms, mainly by reference to pre-existing standards.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.