[gin-auth] Nightly cron for DN list dump ?
Dane Skow
skow at mcs.anl.gov
Thu Mar 16 17:07:24 CST 2006
Oscar,
Would it be possible to setup a nightly cronjob to dump the DN list
from this VOMS server to a webpage someplace ? That way anyone who
has not setup the edg-makegridmapfile scripts or equivalent automata
can grab the list and manage the appropriate snippet for a
gridmapfile by hand ? That helps lower the bar for bootstrapping one
more notch.
The UK folks have offered their WIKI server as a headquarters for
this kind of contributed links. I'll send info (or Stephen will
directly) with the link soon.
Double Bonus points if you make the webpage an RSS feed ;-)) (so one
can get notice of updates)
Cheers,
Dane
On Mar 14, 2006, at 8:09 AM, Oscar Koeroo wrote:
> Hello everybody,
>
> The GIN VO name has been change from 'GIN-GGF-ORG' to 'gin.ggf.org'
> with the approval of the security area directroy to use the ggf.org
> domain name.
> All other configurations and registration have stayed persistently.
> Which means, the same portnumbers do apply on the same server with
> the same certificate.
>
> Though the web site as been move to:
> https://kuiken.nikhef.nl:8443/voms/gin.ggf.org/
>
> The configuration for the vomses file has change to:
>
> "gin.ggf.org" "kuiken.nikhef.nl" "15050" "/O=dutchgrid/O=hosts/
> OU=nikhef.nl/CN=kuiken.nikhef.nl" "gin.ggf.org"
>
> And also the legacy support interface for mkgridmap has also
> changed with the URL change to:
> group vomss://kuiken.nikhef.nl:8443/voms/gin.ggf.org .gin.ggf.org
>
>
>
> Oscar - /gin.ggf.org/Role=VO-Admin
>
>
> Oscar Koeroo wrote:
>
>> which means that I'll change the GIN-GGF-ORG VO name to:
>> "gin.ggf.org"
>> ... if one or both security area directors approve with the change
>> and use of the "ggf.org" domain as a suffix to the GIN VO.
>>
>> Oscar
>>
>>
>> Von Welch wrote:
>>
>>>
>>> Works for me.
>>>
>>> Von
>>>
>>>
>>> On Mar 13, 2006, at 12:42 PM, Olle Mulmo wrote:
>>>
>>>>
>>>> FYI,
>>>>
>>>> This was discussed (again) at two consecutive EGEE meetings at
>>>> CERN last week, ending in the draft text proposed below.
>>>>
>>>> /Olle
>>>>
>>>>
>>>> VO Naming
>>>> ---------
>>>> The VO name is a string, used to represent the VO in all
>>>> interactions
>>>> with grid software, such as in expressions of policy and access
>>>> rights.
>>>>
>>>> The VO name MUST be formatted as a subdomain name as specified in
>>>> RFC 1034 section 3.5. The VO Manager of a VO using a thus-
>>>> formatted name
>>>> MUST be entitled to the use of this name, when interpreted as a
>>>> name in the Internet Domain Name System.
>>>> This entitlement MUST stem either from a direct delegation of
>>>> the corresponding name in the Domain Name System by an
>>>> accredited registrar for
>>>> the next-higher level subdomain, or from a direct delegation of the
>>>> equivalent name in the Domain Name System by ICANN, or from the
>>>> consent
>>>> of the administrative or operational contact of the next-higher
>>>> equivalent
>>>> subdomain name for that VO name that itself is registered with
>>>> such an
>>>> accredited registrar.
>>>>
>>>> Considering that RFC1034 section 3.5 states that both upper
>>>> case and lower
>>>> case letters are allowed, but no significance is to be attached
>>>> to the case,
>>>> but that today the software handling VO names may still be case
>>>> sensisitive,
>>>> all VO names MUST be entirely in lower case.
>>>>
>
More information about the gin-auth
mailing list