[ogsa-hpcp-wg] File staging extension

Christopher Smith csmith at platform.com
Wed Nov 7 13:56:22 CST 2007 

Late the the game for a response, but oh well...

I'm basically in agreement with Steven. The point of the interop is to show
the possibility, not to demonstrate production data movement.

For those who really want secure transfer, the low hanging fruit for
encrypted communications is scp/sftp IMHO.

-- Chris


On 01/11/07 15:19, "Steven Newhouse" <Steven.Newhouse at microsoft.com> wrote:

> A little more broadly, I am concerned that someone could semi-legitimately
> accuse the HPC Profile effort of "mandating insecurity".
> 
> We're mandating in HPCBP that over an open network plain text username and
> passwords are passed over SSL. We're demonstrating a proof of concept that
> using 'movement protocols' such as ftp, http, ... can be integrated into the
> HPCBP by passing in a credential from the client. This IMHO is the goal of the
> normative extensions.
> 
> The set of credentials that we mandate that we support and the movement
> protocols that they access is effectively a profile ontop of this normative
> extensions. If your HPCBP endpoint is only going to go to files within your
> network (because by policy you do not allow external FTP traffic through your
> firewall) then use of FTP may not be a major concern. Other deployments going
> cross-enterprise in their file access may require that certain protocols are
> only used.
> 
> Basically I think we have three phases:
> 1. Proof of concept for SC07 to drive further development of the extensions.
> 2. Developing normative extensions that are fairly flexible in terms of the
> things moved and the tokens used to authenticate access to the things being
> moved.
> 3. Concrete profiles defining the protocols and the credentials. This set may
> be very different in different domains, e-science (GridFTP & certificates),
> commerce (ftp & username/password) for example.
> 
> 2 & 3 I think this is something we can really discuss post SC07. For now we
> need to KISS* and together be happy with an answer to 1!
> 
> Steven
> 
> KISS = Keep It Simple Stupid (This is a generic working group stupid - not a
> person specific stupid in this email thread!)
> 
> --
>   ogsa-hpcp-wg mailing list
>   ogsa-hpcp-wg at ogf.org
>   http://www.ogf.org/mailman/listinfo/ogsa-hpcp-wg

More information about the ogsa-hpcp-wg mailing list