Changes between Version 17 and Version 18 of GeniApiCredentials


Ignore:
Timestamp:
01/16/14 09:19:02 (10 years ago)
Author:
Aaron Helsinger
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • GeniApiCredentials

    v17 v18  
    2424== Credential Format  ==
    2525
    26 The schema is available at http://www.protogeni.net/trac/protogeni/attachment/wiki/Authentication/credential.rnc
    27 
    28 In the AM API, credentials have a type and version string. This page documents credentials of type `geni_sfa` and version '''3'''.
     26The v2 schema (adding ABAC credential support) is attached to this page. The v1 schema is available at http://www.protogeni.net/trac/protogeni/attachment/wiki/Authentication/credential.rnc
     27
     28In the AM API, credentials have a type and version string. This page documents credentials of type `geni_sfa` and version '''3'''. (Credentials of type `geni_abac` and version `1` are documented at [wiki:TIEDABACCredential the ABAC credential page].)
    2929
    3030Sample credential:
     
    123123== Format Change History ==
    124124
    125 AM API v3 standardized some additional elements of credentials and certificates. The new requirements with AM API v3 are documented on this page, and known as "geni_sfa v3". This section defines the changes from the old format, now known as geni_sfa v2.
     125AM API v3 standardized some additional elements of credentials and certificates. The new requirements with AM API v3 are documented on this page, and known as "geni_sfa v3". This section defines the changes from the old format, now known as `geni_sfa` version `2`.
    126126
    127127'''Note''': AM API v3 added requirements on [wiki:GeniApiIdentifiers URNs] and [wiki:GeniApiCertificates certificates], as well as credentials. A credential is only `geni_sfa` version `3` if all contained certificates and URNs are AM API v3 compliant. Experimenters with existing certificates that are not AM API v3 compliant will only get `geni_sfa` version `2` credentials, unless they first get a new user certificate. As a result, most aggregates should accept both `geni_sfa` version `3` and version `2` credentials.
     
    147147   - Note that the slice and user email addresses are addresses for contacting the responsible party - the slice owner or creator and the user. These may be aliases.
    148148
    149 Certificate elements standardized (but not necessarily changed) for geni_sfa v3 credentials:
     149Certificate elements standardized (but not necessarily changed) for `geni_sfa` version `3` credentials:
    150150 - {{{Version}}} shall be properly marked: 3
    151151 - {{{serialNum}}} is required to be unique within the certificate authority: each newly issued certificate must have a unique serial number.