[Fvga-wg] Some queries related to today's session.

Ralph Niederberger r.niederberger at fz-juelich.de
Tue Mar 10 09:17:51 CDT 2009 

Dear Raheel,

see comments inine.

Best regards

Ralph

Raheel Hassan schrieb:
>
> *Dear *Ralph Niederberger,*,*
>
>
> **
>
> *I am a new member and today i have attended your presentation which 
> was really very interesting. I am interested in participating in this 
> working group, while reading the discussion held in previous sessions, 
> i have the following questions, if would answer it will really help me 
> in understanding the real motive that which you are working.
> *
>
> *1-How will you list your priorities that you have decided in today's 
> session?
> *
>
Currently I am waiting for the meeting notes, Inder wanted to provide.

As we have a draft protocol currently, which, as I have understood, was 
accepted in principle by the participants
of the session, I think the next step to start with will be distributing 
the draft proposal to more people.
I would like to attach the meeting notes to this distribution.

Persons interested could be the security and infrastructure area groups 
of OGF. Any other community interested in
and willing to provide feedback will be welcomed.
Furthermore I will give a presentation next week at the "DFN CERT 
Workshop - Security in connected Systems"
about this topic, where I hope to get also valueable feedback.
So as said: Distributing the info and getting feedback.

Dependent on this feedback, we should go for this solution or change the 
draft accordingly.

Then I would like to start the following steps in parallel:
a.) Getting in touch with IETF for standardization issues.
b.) Implementation of a first very limited prototype (showing that it 
works as suggested).

Step b could be separated into different parts:
b1.) prototype implementation for linux iptables
b2.) prototype in close cooperation with a Firewall developer (-> a 
first FiTP aware firewall).
       Anyone having contact to these guys would be fine.
b3.) Communication prototypes for out of band signalling, i.e. for 
firewalls which are FiTP
       unaware. So the auth server has to start a subroutine for 
firewall configuration (via CLI,
       special firewall managament software, https, ...)
       b3 could be done for several firewall systems, e.g. Cisco Pix, 
Checkpoint, ...
      Here we would need experts having access to those kinds of 
firewalls within test environments.

Next steps are very dependent on the outcome of steps a.) and b.) above
  
>
> *2- Can you highlight the impact of these documents when implementing 
> the open standards in Grid.
> *
>
Don't know, what you exactly mean with "impact of these documents"?
The proposed draft document, presented at the  last FVGA-WG session, 
will be the definition
of the FiTP protocol standard. This means, that any implementation of 
FiTP has to exactly
use the syntax and semantics as described in this document.
>
> **
>
> *3- What are your planning for upcoming ogf events?*
>
First of all, the next OGF will need further discussion on any open 
issues, not yet fixed.
E.G. which kind of authorizations should be supported/allowed? What 
about  further
suggestions, which would broaden the sope of the protocol, e.g. token 
based firewalling.
Should we include those suggestion? Should we vote about those 
suggestions? Should they
generally delay for a next version, so that the first version can be as 
simple as possible and
easy to install?
Furthermore we are free for any further discussions, presentations, use 
cases, ... which are
related to the draft protocol or suggest parallel/alternate ideas.

> *If possible please upload your presentation.
> *
>
Done.
Have a look at:
     http://www.ogf.org/gf/event_schedule/index.php?id=1563
or
    
http://forge.gridforum.org/sf/docman/do/listDocuments/projects.fvga-wg/docman.root.meeting_materials.ogf25

To access the draft protocol description see:

http://forge.gridforum.org/sf/docman/do/listDocuments/projects.fvga-wg/docman.root.drafts
>
> *Kindest Regards,*
>
> *Raheel* 

-- 

***************************************************
 Ralph Niederberger
 Juelich Supercomputing Centre
 Institute for Advanced Simulation

 Phone:  +49 2461 61-4772
 Fax:    +49 2461 61-6656
 E-Mail: r.niederberger at fz-juelich.de
 WWW:    http://www.fz-juelich.de/jsc/

 JSC is the coordinator of the
 John von Neumann Institute for Computing
 and member of the
 Gauss Centre for Supercomputing
***************************************************

 Forschungszentrum Jülich GmbH
 52425 Jülich

 Sitz der Gesellschaft: Jülich
 Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498
 Vorsitzende des Aufsichtsrats: MinDirig'in Bärbel Brumme-Bothe
 Geschäftsführung: Prof. Dr. Achim Bachem (Vorsitzender),
 Dr. Ulrich Krafft (stellv. Vorsitzender), Prof. Dr. Harald Bolt,
 Dr. Sebastian M. Schmidt 

***************************************************


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5143 bytes
Desc: S/MIME Cryptographic Signature
Url : http://www.ogf.org/pipermail/fvga-wg/attachments/20090310/b5f2f315/attachment.bin

More information about the fvga-wg mailing list