[AG-TECH] Life of 'service' cert

Ivan R. Judson judson at mcs.anl.gov
Thu Apr 15 23:47:16 CDT 2004


Password less certificates don't use proxies, so proxy lifetime doesn't
matter. However, certificate validity does (it's generally 12 months).

As an aside, service certificates are not intended to be used by users as
identity certificates, there may well be parts of the authorization policy
that specifically exclude services from some operations (like Enter).

--Ivan

> -----Original Message-----
> From: owner-ag-tech at mcs.anl.gov 
> [mailto:owner-ag-tech at mcs.anl.gov] On Behalf Of Randy Groves
> Sent: Thursday, April 15, 2004 9:47 PM
> To: ag-tech at mcs.anl.gov
> Subject: [AG-TECH] Life of 'service' cert
> 
> If you use a 'service' cert (a host-type cert with no 
> password) for a venue client on a node - is there a lifetime 
> attached to the proxy?  Or does it last forever?
> 
> Same question on using these type of certs for a venue server.
> 
> -randy
> 
> 
> 




More information about the ag-tech mailing list