 * Secure Tool Authorization -- Rob Ricci, University of Utah
== Summary ==

At the Aggregate Developers' Topics session, we reviewed various ongoing activities to develop
and enhance aggregates, and began a discussion of some necessary new functionality.

Aaron Helsinger reviewed the status of various issues:
 - Aggregate Manager API version 3 runs at !PlanetLab, is mostly done
   at ProtoGENI, and will be implemented elsewhere
 - Version 4 is not yet finalized, but will include Update() as previously adopted
 - GENI RSpecs could be refactored in future, but extensions are powerful
 - Omni 2.2.1 is out, and 2.3 is coming soon with stitching support
 - Aggregates should highlight different features, but minimize unnecessary differences
  - The Uniform Experimenter Environment session Thursday afternoon expanded on this

Tom Lehman discussed the status of GENI dynamic VLAN-based cross-aggregate network stitching:
 - Prototype deployment working now (demonstration at demo night)
 - Architecture exists and shows promise for future dynamic networks
 - Stitching Service now covers key pieces of the architecture
 - Omni client v2.3 will drive this process in a seamless way for experimenters, and will be released soon
 - There are a number of scaling and future issues to discuss,
   including how intermediate networks want to manage their VLANs

Rob Ricci introduced the topic of making secure authorization easy for tools:
 - Hosted tools now need to "speak as" the user, pretending to be the experimenter
 - This requires experimenters to give up their private key, which is not secure
 - A new "Speaks For" credential and option in method calls would allow experimenters
   to authorize tools securely
 - A working group should explore the details and make a concrete proposal
 - There was some discussion of how this credential should allow the experimenter to
   scope the authorization - by slice, by aggregate, by operation, etc.
 - Nick Bastin argued that the "Speaks For" option in method calls might not be needed,
   allowing existing v1 aggregates to support "Speaks For".
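
A sketch of the scoped delegation idea discussed above, added here as an illustration; it is not the GENI "Speaks For" credential format or code from the session. The statement layout, the use of Ed25519, and the names `SpeaksFor`, `Issue` and `Authorize` are assumptions: the experimenter signs a statement naming the tool's own key and a scope, and the aggregate checks both before acting.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"encoding/json"
	"errors"
	"fmt"
)

// SpeaksFor is a hypothetical statement layout, not the GENI credential format.
type SpeaksFor struct {
	ToolKey    []byte          // public key the tool itself authenticates with
	Slice      string          // scope: one slice
	Aggregates map[string]bool // scope: aggregates the tool may contact
	Operations map[string]bool // scope: method calls the tool may make
}

// Issue runs on the experimenter's side; the user's private key never leaves it.
func Issue(userKey ed25519.PrivateKey, s SpeaksFor) (body, sig []byte) {
	body, _ = json.Marshal(s)
	return body, ed25519.Sign(userKey, body)
}

// Authorize runs at the aggregate; callerKey is the key the caller proved it holds.
func Authorize(userPub ed25519.PublicKey, body, sig, callerKey []byte, aggregate, slice, op string) error {
	var s SpeaksFor
	if !ed25519.Verify(userPub, body, sig) || json.Unmarshal(body, &s) != nil {
		return errors.New("statement not signed by the user")
	}
	switch {
	case !bytes.Equal(s.ToolKey, callerKey):
		return errors.New("caller is not the authorized tool")
	case s.Slice != slice:
		return errors.New("slice out of scope")
	case !s.Aggregates[aggregate]:
		return errors.New("aggregate out of scope")
	case !s.Operations[op]:
		return errors.New("operation out of scope")
	}
	return nil
}

func main() { // constructed sample values throughout
	pub, priv, _ := ed25519.GenerateKey(nil)
	body, sig := Issue(priv, SpeaksFor{[]byte("tool-pub"), "slice1",
		map[string]bool{"am1": true}, map[string]bool{"ListResources": true}})
	fmt.Println(Authorize(pub, body, sig, []byte("tool-pub"), "am1", "slice1", "DeleteSliver"))
}
```

Because the signed statement binds the tool's key, a copy of the statement is of no use to a caller that cannot authenticate as that tool.
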

== Pre-Requisites ==