10-nov-00d.p.kelsey, htasc report1 htasc - report to hep-ccc david kelsey, ral d.p.kelsey@ rl.ac.uk...
TRANSCRIPT
10-Nov-00 D.P.Kelsey, HTASC report 1
HTASC - Report to HEP-CCC
David Kelsey, RALd.p.kelsey@ rl.ac.uk
10 November 2000, CERN(http://home.cern.ch/~eauge/htasc/public/)
10-Nov-00 D.P.Kelsey, HTASC report 2
HTASC #16 19th/20th October 2000,
BolognaAgenda included:• Ongoing topics: LDAP, Security, Certificates• DataGrid• Networking/QoS/Diffserv• Markup Languages – XML in particular• Future meetings/topics
10-Nov-00 D.P.Kelsey, HTASC report 3
Membership of HTASC
• New members– F. Forti (INFN/Italy) replaces P.Capiluppi– R. Mankel (DESY/Germany) replaces T. Haas– But T.Haas will continue as chair of HTASC Security
group
• Good attendance this time• new Secretary – split post
– Minute taker: A. Flavell (UK)– Web manager: N. Colino (Spain)
10-Nov-00 D.P.Kelsey, HTASC report 4
Directories/LDAP
• At March 2000 HTASC/HEP-CCC– Growing importance - Windows 2000, GRID, etc.– Strong support from HEP-CCC - CERN/IN2P3 group should
organise an LDAP workshop for White Pages service
• At July 2000 HEP-CCC– Workshop not taken place– But various discussions about GRID Info Services– Try to organise a workshop at HEPiX (October 2000)
• Situation now– Michel Jouvin reviewed LDAP at HEPiX– HTASC and HEPiX view – workshop still necessary– F.Etienne/M.Jouvin – propose to organise a workshop on
LDAP (White Pages and GRID) in Europe – March?
10-Nov-00 D.P.Kelsey, HTASC report 5
X.509 Certificates
At July 2000 HEP-CCC• Driving reason for X.509 Certificate Authorities in
HEP is GRID/Globus software. • DataGrid – special task force (proposed in Lyon
mtg)– Need was confirmed in Marseille meeting
Discussed at HTASC (Oct)– DPK asked to coordinate DataGrid WP6 task force– Meeting of Testbed Security contacts at CERN – 4/5 Dec
• Many issues, including– Authentication vs Authorisation (Architecture)– Will we trust each others certificates?– Liaison with US labs required (started at HEPiX)
10-Nov-00 D.P.Kelsey, HTASC report 6
Network Security
• Suggested during July 2000 HEP-CCC– Action on me to write a draft mandate
• HTASC discussed this (Oct 2000)– Also request for co-ordination from FOCUS (Oct)
• Reminder of issues– Many labs tightening security
• Port filtering, turn-off clear-text passwords• FNAL strong authentication• CERN’s CLASP project• Growing use of one-time passwords• Growing use of certificates
– Potential to affect off-site users in small institutes
10-Nov-00 D.P.Kelsey, HTASC report 7
Security (2)
• HTASC proposes that the existing HTASC Security group looks at this – to report in March 2001
• (zero’th) draft mandate… (still to be discussed with T.Haas and HTASC)– Survey the methods used by HEP labs (today and planned)
for the authentication of users, both on and off-site– Report on any problems that these methods cause for off-
site access, particularly where off-site users/groups need to access resources at more than one site
– Make recommendations as to how the situation could be improved
• n.b. this should include the general use of certificates
10-Nov-00 D.P.Kelsey, HTASC report 8
Networking/QoS/Diffserv
Two presentations• Tiziana Ferrari (INFN/Bologna)
– Quantum Test Programme – joint TERENA/DANTE task force on Testing of Advanced Networking (TF-TANT)
– Diffserv testing - see URL and pointers contained therein
– http://www.cnaf.infn.it/~ferrari/tfng/ds/– Detailed comparison of WFQ and PQ for support of
Expedited Forwarding (EF) (Test network INFN/CERN)– MANY interesting results –> PQ better than WFQ– Also tested a real app INFN-FNAL (Robin – CDF VME
crate remote control) – same conclusion
• Robin Tasker (CLRC/DL)• Tests of congestion avoidance using CAR and WRED
10-Nov-00 D.P.Kelsey, HTASC report 9
Markup Languages/XML
• One presentation– Steve Fisher (CLRC/RAL)
• Input from Michel Goosens (CERN)– Working on XML/LaTeX/HTML solutions in
collaboration with several experiments– By March 2001, should have advanced in direction
of exploiting XML technology at CERN– HEP can benefit from many initiatives (commercial
and OpenSource)
• Proposal – invite Michel Goosens to the next meeting to complete this topic
10-Nov-00 D.P.Kelsey, HTASC report 10
Markup Languages (2)
HTASC discussion• What is common format for document
exchange?– PDF seems best for reading and printing– But need to be able to modify– XML is immature
• What about presentations?– PowerPoint is clear market leader
• Collaborative documents– BaBar TDR uses LaTeX and CVS– Others use FrameMaker, MS Word, …
10-Nov-00 D.P.Kelsey, HTASC report 11
Future HTASC meetings/Topics
(provisional dates/plans)• 8/9 March 2001 (CERN)
– Network security– Revisit/complete XML/Markup languages
• 7/8 June 2001 (location to be decided)– Windows 2000 group review– LDAP?
• 18/19 October 2001 (DESY)– UNIX/Windows integration?
• Other topics:– ideas always welcome!
10-Nov-00 D.P.Kelsey, HTASC report 12
Summary
HTASC invites HEP-CCC to consider/give advice on• LDAP workshop – planned for Mar 2001• X.509 certificates
– Task force for DataGrid Testbed (WP6) (expts via WP8)– General use in HTASC Security group review
• Suggestions for the mandate for the Security review– Could hold a security meeting before HTASC if needed?
• Any more guidance on Markup langs?– What is the question we should answer?
• Other future topics for HTASC consideration?