[ogsa-hpcp-wg] File staging extension

Marty Humphrey humphrey at cs.virginia.edu
Thu Nov 1 13:32:35 CDT 2007 

Right -- " Are you concerned with the inclusion of the username/password in
the URI string in the JSDL?" No. It's over https by definition.

A little more broadly, I am concerned that someone could semi-legitimately
accuse the HPC Profile effort of "mandating insecurity".  

-- Marty

-----Original Message-----
From: Vesselin Novov [mailto:vesso at doc.ic.ac.uk] 
Sent: Thursday, November 01, 2007 2:15 PM
To: Marty Humphrey
Cc: ogsa-hpcp-wg at ogf.org
Subject: Re: [ogsa-hpcp-wg] File staging extension


Marty,

Marty Humphrey wrote:

> I like a lot of the proposal. But one of the issues here is that none 
> of ftp, http, or mailto is secure. (Note: username/password ftp is 
> still cleartext - not INTO the BES service but rather from the BES 
> service to the FTP service)
>
Are you concerned with the inclusion of the username/password in the URI 
string in the JSDL or with the fact that the communication channels is 
unsecured.
Even with the secured sftp we would need to add the username/pass to the 
sftp: URI string.

-Vesso

> -- Marty
>
> *From:* ogsa-hpcp-wg-bounces at ogf.org 
> [mailto:ogsa-hpcp-wg-bounces at ogf.org] *On Behalf Of *Andrew Grimshaw
> *Sent:* Thursday, November 01, 2007 1:45 PM
> *To:* ogsa-hpcp-wg at ogf.org
> *Subject:* [ogsa-hpcp-wg] File staging extension
>
> All,
>
> Today we discussed which URI's to support in the proposed file staging 
> extensions. Particularly for SC07.
>
> I suggest the following URI's
>
> ftp
>
> http
>
> mailto
>
> because they do not require us to address the issue of delegation in 
> advance of SC07. (As I said at the last OGF I do not think the 
> delegation approach in the delegation proposal is a good idea).
>
> Of course I think ByteIO/RNS is a good idea - but I don't expect much 
> support for that. (We support it.)
>
> Note that there exists a standard format for an ftp URI which includes 
> username/password. Therefore one could include the information in the 
> JSDL document without any need for delegation. (I do not know gridFTP 
> well, perhaps it supports a similar set of uri options, eliminating 
> the need for passing a delegated credential.)
>
> On the other hand if we choose to support gridFTP, scp, or any other 
> protocol that requires a delegated credential, then we must also agree 
> on a delegation strategy . with a potential need to replace it later. 
> (By the way, we are not familiar with a standard URI format for scp.)
>
> Right now we (the Virginia Genesis II group) support ftp, http, 
> mailto, and RNS with delegated credentials (not via the same mechanism 
> Marty is proposing).
>
> A
>
>------------------------------------------------------------------------
>
>--
>  ogsa-hpcp-wg mailing list
>  ogsa-hpcp-wg at ogf.org
>  http://www.ogf.org/mailman/listinfo/ogsa-hpcp-wg
>

More information about the ogsa-hpcp-wg mailing list