[Fvga-wg] Some queries related to today's session.
Ralph Niederberger
r.niederberger at fz-juelich.de
Tue Mar 10 09:17:51 CDT 2009
Dear Raheel,
see comments inine.
Best regards
Ralph
Raheel Hassan schrieb:
>
> *Dear *Ralph Niederberger,*,*
>
>
> **
>
> *I am a new member and today i have attended your presentation which
> was really very interesting. I am interested in participating in this
> working group, while reading the discussion held in previous sessions,
> i have the following questions, if would answer it will really help me
> in understanding the real motive that which you are working.
> *
>
> *1-How will you list your priorities that you have decided in today's
> session?
> *
>
Currently I am waiting for the meeting notes, Inder wanted to provide.
As we have a draft protocol currently, which, as I have understood, was
accepted in principle by the participants
of the session, I think the next step to start with will be distributing
the draft proposal to more people.
I would like to attach the meeting notes to this distribution.
Persons interested could be the security and infrastructure area groups
of OGF. Any other community interested in
and willing to provide feedback will be welcomed.
Furthermore I will give a presentation next week at the "DFN CERT
Workshop - Security in connected Systems"
about this topic, where I hope to get also valueable feedback.
So as said: Distributing the info and getting feedback.
Dependent on this feedback, we should go for this solution or change the
draft accordingly.
Then I would like to start the following steps in parallel:
a.) Getting in touch with IETF for standardization issues.
b.) Implementation of a first very limited prototype (showing that it
works as suggested).
Step b could be separated into different parts:
b1.) prototype implementation for linux iptables
b2.) prototype in close cooperation with a Firewall developer (-> a
first FiTP aware firewall).
Anyone having contact to these guys would be fine.
b3.) Communication prototypes for out of band signalling, i.e. for
firewalls which are FiTP
unaware. So the auth server has to start a subroutine for
firewall configuration (via CLI,
special firewall managament software, https, ...)
b3 could be done for several firewall systems, e.g. Cisco Pix,
Checkpoint, ...
Here we would need experts having access to those kinds of
firewalls within test environments.
Next steps are very dependent on the outcome of steps a.) and b.) above
>
> *2- Can you highlight the impact of these documents when implementing
> the open standards in Grid.
> *
>
Don't know, what you exactly mean with "impact of these documents"?
The proposed draft document, presented at the last FVGA-WG session,
will be the definition
of the FiTP protocol standard. This means, that any implementation of
FiTP has to exactly
use the syntax and semantics as described in this document.
>
> **
>
> *3- What are your planning for upcoming ogf events?*
>
First of all, the next OGF will need further discussion on any open
issues, not yet fixed.
E.G. which kind of authorizations should be supported/allowed? What
about further
suggestions, which would broaden the sope of the protocol, e.g. token
based firewalling.
Should we include those suggestion? Should we vote about those
suggestions? Should they
generally delay for a next version, so that the first version can be as
simple as possible and
easy to install?
Furthermore we are free for any further discussions, presentations, use
cases, ... which are
related to the draft protocol or suggest parallel/alternate ideas.
> *If possible please upload your presentation.
> *
>
Done.
Have a look at:
http://www.ogf.org/gf/event_schedule/index.php?id=1563
or
http://forge.gridforum.org/sf/docman/do/listDocuments/projects.fvga-wg/docman.root.meeting_materials.ogf25
To access the draft protocol description see:
http://forge.gridforum.org/sf/docman/do/listDocuments/projects.fvga-wg/docman.root.drafts
>
> *Kindest Regards,*
>
> *Raheel*
--
***************************************************
Ralph Niederberger
Juelich Supercomputing Centre
Institute for Advanced Simulation
Phone: +49 2461 61-4772
Fax: +49 2461 61-6656
E-Mail: r.niederberger at fz-juelich.de
WWW: http://www.fz-juelich.de/jsc/
JSC is the coordinator of the
John von Neumann Institute for Computing
and member of the
Gauss Centre for Supercomputing
***************************************************
Forschungszentrum Jülich GmbH
52425 Jülich
Sitz der Gesellschaft: Jülich
Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498
Vorsitzende des Aufsichtsrats: MinDirig'in Bärbel Brumme-Bothe
Geschäftsführung: Prof. Dr. Achim Bachem (Vorsitzender),
Dr. Ulrich Krafft (stellv. Vorsitzender), Prof. Dr. Harald Bolt,
Dr. Sebastian M. Schmidt
***************************************************
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5143 bytes
Desc: S/MIME Cryptographic Signature
Url : http://www.ogf.org/pipermail/fvga-wg/attachments/20090310/b5f2f315/attachment.bin
More information about the fvga-wg
mailing list