myproxy server

Robert Olson olson at mcs.anl.gov
Mon Sep 8 11:37:23 CDT 2003


At 11:26 AM 9/8/2003 -0500, Ivan R. Judson wrote:
>I think this should be given a priority that is low; that is Ti should work
>on other things (including OpenCA/Globus) first. While the proxy certificate
>stuff is on our research path, it's not popping up to the top -- we have
>other more important things that need to be done first, that don't require
>Ti to spend cycles on this particular request.

That's interesting, it seemed in discussions last week that the difficulty 
with people getting certificates was getting significant, and having a 
myproxy server available to prototype against would be a step in the path 
toward a solution to that. It is also the next major piece of certificate 
management that needs to be tackled (the host/service cert problem isn't a 
big deal, I just need some input in how the services expect to have these, 
and the model which is expected to be used in making such requests, as in a 
multiple-machine node the request will have to be made from the machine the 
service runs on in order for the private key to land in the proper location).

>I'd definitely like to get a snapshot of what your queue looks like so that
>I can understand where you think you are, and compare it with where I think
>you are. It's difficult to integrate your effort into the tasks we have
>layed out with little or no coordination; can you bring your list of things
>you have you are working on to the meeting tomorrow so we (the group) can
>get synchronized?

I am addressing issues related to the pieces of ag2 that last I knew were 
the only ones I'm significantly involved with: security and data access. 
The use of a myproxy server is directly associated with the security side, 
as are difficulties like the one just posted to ag-tech (which has brought 
to view a requirement for the cert request stuff I hadn't considered).

I have also been researching the issues involved in more coherent access to 
data stores, including support for hierarchical organizational to same 
(which is not a trivial extension), issues in access control in that 
environment, etc.  




More information about the ag-dev mailing list