[glue-wg] Endpoint.TrustedCA and ComputingEndpoint.TrustedCA Inconsistency in GFD147
Florido Paganelli
florido.paganelli at hep.lu.se
Fri Nov 2 05:22:37 EDT 2012
On 2012-11-01 20:50, stephen.burke at stfc.ac.uk wrote:
> JP Navarro [mailto:navarro at mcs.anl.gov] said:
>> Could these strings be a hash of a DN?
>
> That wouldn't help much, the problem is the number of CAs more than
> the length of each one.
>
Yes, true
>> How many TrustedCAs are we thinking might need to be published for
>> each endpoint, and how much data is that really? Do we think it
>> would significantly impact the performance of our information
>> systems to publish multiple collections of TrustedCA strings?
>
> At a quick count, I get 89 CAs and about 5 KB of data, compared with
> about 2 KB currently in an Endpoint -
an ARC CE currently publishes 90-100. Each endpoint is supposed to
publish its TrustedCAs, for a total of rougly 816 entries in relevant
endpoints. The amount of data for a single endpoint is similar to that
Stephen described
> and that for something for
> which, as far as I know, we have no uses, and which would be
> duplicated several thousand times over. For the BDII I think
> publishing that would not make any sense.
ARC clients use this information for selection and brokering of CEs. We
used to have a similar approach in NorduGrid schema. ARC infosystem is a
crucial part of the infrastructure, we really rely on what is published
there.
Cheers,
--
Florido Paganelli
Lund University - Particle Physics
ARC Middleware
EMI Project
More information about the glue-wg
mailing list