Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
@misc{rfc5280,
series = {Request for Comments},
number = 5280,
howpublished = {RFC 5280},
publisher = {RFC Editor},
doi = {10.17487/RFC5280},
url = {https://rfc-editor.org/rfc/rfc5280.txt},
author = {Sharon Boeyen and Stefan Santesson and Tim Polk and Russ Housley and Stephen Farrell and Dave Cooper},
title = {{Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile}},
pagetotal = 151,
year = 2008,
month = may,
abstract = {This memo profiles the X.509 v3 certificate and X.509 v2 certificate revocation list (CRL) for use in the Internet. An overview of this approach and model is provided as an introduction. The X.509 v3 certificate format is described in detail, with additional information regarding the format and semantics of Internet name forms. Standard certificate extensions are described and two Internet-specific extensions are defined. A set of required certificate extensions is specified. The X.509 v2 CRL format is described in detail along with standard and Internet-specific extensions. An algorithm for X.509 certification path validation is described. An ASN.1 module and examples are provided in the appendices. {[}STANDARDS-TRACK{]}},
}
@misc{rfc3820,
series = {Request for Comments},
number = 3820,
howpublished = {RFC 3820},
publisher = {RFC Editor},
doi = {10.17487/RFC3820},
url = {https://rfc-editor.org/rfc/rfc3820.txt},
author = {Von Welch and Mary Thompson and Douglas E. Engert and Steven Tuecke and Laura Pearlman},
title = {{Internet X.509 Public Key Infrastructure (PKI) Proxy Certificate Profile}},
pagetotal = 37,
year = 2004,
month = jun,
abstract = {This document forms a certificate profile for Proxy Certificates, based on X.509 Public Key Infrastructure (PKI) certificates as defined in RFC 3280, for use in the Internet. The term Proxy Certificate is used to describe a certificate that is derived from, and signed by, a normal X.509 Public Key End Entity Certificate or by another Proxy Certificate for the purpose of providing restricted proxying and delegation within a PKI based authentication system. {[}STANDARDS-TRACK{]}},
}
@misc{rfc5755,
series = {Request for Comments},
number = 5755,
howpublished = {RFC 5755},
publisher = {RFC Editor},
doi = {10.17487/RFC5755},
url = {https://rfc-editor.org/rfc/rfc5755.txt},
author = {Sean Turner and Stephen Farrell and Russ Housley},
title = {{An Internet Attribute Certificate Profile for Authorization}},
pagetotal = 50,
year = 2010,
month = jan,
abstract = {This specification defines a profile for the use of X.509 Attribute Certificates in Internet Protocols. Attribute certificates may be used in a wide range of applications and environments covering a broad spectrum of interoperability goals and a broader spectrum of operational and assurance requirements. The goal of this document is to establish a common baseline for generic applications requiring broad interoperability as well as limited special purpose requirements. The profile places emphasis on attribute certificate support for Internet electronic mail, IPsec, and WWW security applications. This document obsoletes RFC 3281. {[}STANDARDS-TRACK{]}},
}
@misc{nginxvoms-cnafar-2016,
author = {Paulon, S and Giacomini, F and Ceccanti, A},
title = {{A VOMS module for the NGINX web server}},
howpublished = {{INFN-CNAF Annual Report}},
year = 2016,
url = {https://www.cnaf.infn.it/annual-report},
}
@InProceedings{voms,
author="Alfieri, R.
and Cecchini, R.
and Ciaschini, V.
and dell'Agnello, L.
and Frohner, {\'A}.
and Gianoli, A.
and L{\~o}rentey, K.
and Spataro, F.",
editor="Fern{\'a}ndez Rivera, Francisco
and Bubak, Marian
and G{\'o}mez Tato, Andr{\'e}s
and Doallo, Ram{\'o}n",
title="VOMS, an Authorization System for Virtual Organizations",
booktitle="Grid Computing",
year=2004,
publisher="Springer Berlin Heidelberg",
address="Berlin, Heidelberg",
pages="33--40",
abstract="We briefly describe the authorization requirements, focusing on the framework of the DataGrid and DataTAG Projects and illustrate the architecture of a new service we have developed, the Virtual Organization Membership Service (VOMS), to manage authorization information in Virtual Organization scope.",
isbn="978-3-540-24689-3"
}
@Misc{module-baltig,
title = {\verb"ngx_http_voms_module"},
note = {\url{https://baltig.infn.it/storm2/ngx\_http\_voms\_module}}}
@Misc{nginx,
title = {Nginx},
note = {\url{https://nginx.org/}}
}
@Misc{openresty,
title = {{OpenResty}},
note = {\url{https://openresty.org/}}}
@Misc{test::nginx,
title = {{Test::Nginx}},
note = {\url{https://metacpan.org/pod/Test::Nginx}}}
@Misc{voms-github,
title = {{VOMS}},
note = {\url{https://github.com/italiangrid/voms}}}
@Misc{openssl,
title = {{OpenSSL}},
note = {\url{https://www.openssl.org/}}}