[Fvga-wg] Meeting minutes of OGF26 FVGA-WG session
Thijs Metsch
Thijs.Metsch at Sun.COM
Tue Jun 2 08:56:27 CDT 2009
Thanks for the minutes! I was about the write some up to...but yours are
perfectly fine!
Cheers,
-Thijs
On Mon, 2009-06-01 at 19:05 +0200, Ralph Niederberger wrote:
> Dear all,
>
> we had a fruitful discussion at OGF26 FVGA-WG session
> last week.
>
> Attached you will find the meeting minutes.
>
> best regards
>
> Ralph
>
>
> plain text document attachment
> (FVGA-WG.OGF26.MeetingMinutes-GroupDiscussions.txt)
> Meeting Minutes OGF26- FVGA-WG 2009-07-28
> =======================================
>
> The FVGA-WG group discussions meeting at OGF26 had been
> scheduled for Thursday, May 28th 2009 11:00 - 12:30.
>
> We had 13 attendees which was nearly the normal number of
> attendees for all infrastructure meetings.
>
> The whole conference had 76 attendees only
> (concerning to the participants list at the OGF web page)
> including one day participants.
>
> At our WG we followed the proposed agenda which had been:
>
> a.) Agenda and Introduction
> b.) Overview about draft FiTP protocol description
> c.) First comments to draft FiTP protocol
> d.) How to deal with protocol extension requests
>
>
> All slides can be found at:
>
> http://www.ogf.org/gf/event_schedule/index.php?event_id=13
>
> or alternatively at the gridforge project pages:
>
> https://forge.gridforum.org/sf/docman/do/listDocuments/projects.fvga-wg/docman.root.meeting_materials.ogf26_chapelhill
>
> a.) I provided an overview about our working group, milestones and deliverables
>
> b.) I presented our first draft description of a protocol for dynamic opening
> of ports at firewalls, which is available since beginning of this year
> and has been first presented at OGF 25.
> (see slides and draft protocol description for details)
>
> c.) Since we sent this draft protocol description to OGF infrastructure and
> security area and some further people familiar with those issues, I informed
> the attendees of the meeting about the feedback received.
> Most feedback was positive. Others provided links to other solutions
> which they thought could be alternatively used or where people could also be
> interested in this material or could be interested to help to further
> refine our solution.
> I have shown that all alternate solutions proposed are not applicable to
> solve the problems which our solution intends to tackle.
> (see slides for details).
>
> From the audience: "Which benefit could web services get from this solution."
> Since the proposed protocol would have to be integrated into the client
> applications or a wrapper program would have to be used, this question
> could not be answered directly.
> Further research will be needed to clarify, if an integration into web
> services would be possible.
>
> Further steps:
> 1.) Get in contact with people from IETF NSIS and BEHAVE working group
>
> 2.) Implementation of a draft client and server program and test against
> a Linux-Firewall (iptables based) including software for iptables-firewall
> to open ports dynamically (automatically).
> A simple approach here is a perl script getting packet info from a
> wireshark program running on the linux firewall and reconfiguring
> iptables when appropriate traffic has been received (scanned).
>
> It will be discussed on the mailing list, who is willing to contribute
> programming effort and test cases.
>
> d.) Proposing the draft protocol description in January this year, a first
> request for protocol extension has been received. We discussed how to deal
> with those requests. On the one hand those extensions could lead to a
> broader usage of the protocol, since more application could be supported,
> but on the other hand it makes the simple concept more complex and could
> lead to decreasing acceptance because of security reasons (i.e. more complex
> -> more programming errors or increased possibility to crack/hack the code).
> We decided to keep things simple for the start and wait for acceptance before
> including additional features.
> (see slides for details).
> _______________________________________________ fvga-wg mailing list fvga-wg at ogf.org http://www.ogf.org/mailman/listinfo/fvga-wg
--
Thijs Metsch Tel: +49 (0)941 3075-122 (x60122)
http://blogs.sun.com/intheclouds
Software Engineer Grid Computing
Sun Microsystems GmbH
Dr.-Leo-Ritter-Str. 7 mailto:thijs.metsch at sun.com
D-93049 Regensburg http://www.sun.com
More information about the fvga-wg
mailing list