[gin-auth] Debugging Globus SSL (Was: Re: start Savannah run)
JP Navarro
navarro at mcs.anl.gov
Mon Feb 5 21:42:16 CST 2007
On Feb 5, 2007, at 5:00 AM, Mike 'Mike' Jones wrote:
> By the way, mapping all users to one account is a serious security
> flaw.
Mike,
You are very correct. My understanding is that mapping all GIN users to
a single account was a temporary approach to get GIN off the ground. It
certainly wasn't intended to be a long-term solution, or to be used for
more than proof-of-interoperability demos.
Perhaps it is now time to come up with a more secure long term solution
for GIN participants. Since there are only a few GIN users today,
should
we create individual accounts for all GIN users on all GIN participating
grids? Or is there a better option that will scale better? Any
suggestions
on what that next, more secure, approach should be?
Regards,
JP
------------------------------------------------------------------------
------
John-Paul Navarro (630)
252-1233
navarro at mcs.anl.gov http://www.mcs.anl.gov/
~navarro
TeraGrid Software Integration Univ of Chicago/Argonne
Nat. Lab.
GPG: 4EA9 C86B C0F0 113D 6306 98B7 3649 D6CB EFA8 4133
More information about the gin-auth
mailing list