Changes between Version 5 and Version 6 of GEC16Agenda/DevelopersGrabBag


Ignore:
Timestamp:
03/20/13 17:40:37 (7 years ago)
Author:
Aaron Helsinger
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • GEC16Agenda/DevelopersGrabBag

    v5 v6  
    2828 * Secure Tool Authorization -- Rob Ricci, University of Utah
    2929
     30== Summary ==
     31
     32
     33At the Aggregate Developers' Topics session, we reviewed various ongoing activities to develop
     34and enhance aggregates, and began a discussion for some necessary new functionality.
     35
     36Aaron Helsinger reviewed the status of various issues:
     37 - Aggregate Manager API version 3 runs at !PlanetLab, is mostly done
     38 at ProtoGENI, and will be implemented elsewhere
     39 - Version 4 is not yet finalized, but will include Update() as previously adopted
     40 - GENI RSpecs could be refactored in future, but extensions are powerful
     41 - Omni 2.2.1 is out, and 2.3 is coming soon with stitching support
     42 - Aggregates should highlight different features, but minimize unnecessary differences
     43  - The Uniform Experimenter Environment session Thursday afternoon extended on this
     44
     45Tom Lehman discussed the status of GENI dynamic VLAN based cross aggregate network stitching:
     46 - Prototype deployment working now (demonstration at demo night)
     47 - Architecture exists and shows promise for future dynamic networks
     48 - Stitching Service now covers key pieces of the architecture
     49 - Omni client v2.3 will drive this process in a seamless way for experimenters, and will be released soon
     50 - There are a number of scaling and future issues to discuss,
     51   including how intermediate networks want to manager their VLANs
     52
     53Rob Ricci introduced the topic of making secure authorization easy for tools:
     54 - Hosted tools now need to "speak as" the user, pretending to be the experimenter
     55 - This requires experimenters to give up their private key, which is not secure
     56 - A new "Speaks For" credential and option in method calls would allow experimenters
     57   to authorize tools securely
     58 - A working group should explore the details and make a concrete proposal
     59 - There was some dicusssion of how this credential should allow the experimenter to
     60   scope the authorization - by slice, by aggregate, by operation, etc
     61 - Nick Bastin argued that the "Speaks For" option in method calls might not be needed,
     62   allowing existing v1 aggregates to support "Speaks For".
     63
     64
    3065== Pre-Requisites ==
    3166