[IT 513/1-024] 10:34:41 I do actually know most of these. I just had to, and I thought I should actually explain to him what meet him in, and try to explain what all of this is, and why it exists as quote, it's quite interesting.
[IT 513/1-024] 10:34:41 It's quite interesting. We'll stop you data. Good.
[IT 513/1-024] 10:34:51 I don't know that far. We, so we don't need the context. No, no, no!
[IT 513/1-024] 10:34:55 But it was Globus. It was Globus who dictated.
[IT 513/1-024] 10:34:59 We use PKI, I mean, we didn't have any choice.
[IT 513/1-024] 10:35:01 If you enable some member that you get back in the post.
[Licia Florio] 10:35:09 Dave, I think you are ready.
[IT 513/1-024] 10:35:09 But other. As I said, it wasn't worth, sorry.
[Licia Florio] 10:35:15 Dave, are you ready to write the history from Globus to Eelsk?
[IT 513/1-024] 10:35:16 Yeah.
[IT 513/1-024] 10:35:21 Yeah, you remember those days? Do you remember those things?
[Licia Florio] 10:35:25 Hey? I do remember those days. Yes, yes, so we should do that.
[IT 513/1-024] 10:35:26 The wonderful death.
[Licia Florio] 10:35:33 How we ended up with you.
[IT 513/1-024] 10:35:36 What I didn't appreciate at the time is it was Globus that told us to use PKI. I didn't realize that Globus would tell us to stop using.
[IT 513/1-024] 10:35:47 That's nice for now. How I transcript of all he say!
[IT 513/1-024] 10:35:52 So that is probably extremely useful, whether I don't have to record a meeting. And yesterday, David, you suggested we recorded it; somebody said recorded was Derek.
[David Crooks - STFC UKRI] 10:36:06 Over Deborah Derek, I think, because, yeah, cause he can't.
[IT 513/1-024] 10:36:11 Said, please record it. Oh, yeah.
[IT 513/1-024] 10:36:24 Okay, so nice to see each other. You use me a time when she used to come to these meetings.
[IT 513/1-024] 10:36:32 You should be here later.
[Licia Florio] 10:36:34 I know I should be there.
I should have come in this, and it's everything, and have time with you guys, as in the old days.
[Licia Florio] 10:36:44 Oh.
[IT 513/1-024] 10:36:47 Well, it's mainly a GM. Full that's 3 participation.
[IT 513/1-024] 10:36:50 Stop it, yeah, we are too happily burning the same 4 budgets.
[Licia Florio] 10:36:55 Good.
[IT 513/1-024] 10:36:57 That's good. Which is a lot better than your future, which isn't burning its budget.
[Licia Florio] 10:37:03 That's good.
[IT 513/1-024] 10:37:05 Okay.
[IT 513/1-024] 10:37:08 We are far beyond certificates for next one. No, no, not yes, we.
[IT 513/1-024] 10:37:15 We will talk about splitting trust anchor repositories.
[IT 513/1-024] 10:37:19 David, you want to say your words, or should I show the slide from yesterday?
[David Crooks - STFC UKRI] 10:37:23 Yeah.
[David Crooks - STFC UKRI] 10:37:25 But so maybe this is slightly backwards. But I've got just a couple of framing slides with some, hopefully correctly parsed, details with some discussion points, and then maybe if we then go to the slides from yesterday, or then the discussion. So if I
[David Crooks - STFC UKRI] 10:37:44 share, the, so the background. So the background to this, for Alister and Maarten and Mario,
[David Crooks - STFC UKRI] 10:37:59 is that, so, prefacing this to the slides that David has from yesterday, is talking about
[David Crooks - STFC UKRI] 10:38:04 splitting trust. Kind of in a number of ways, but then also thinking about that in a token landscape.
[David Crooks - STFC UKRI] 10:38:13 And so, you know, we can talk about splitting trust between transport and authentication.
[David Crooks - STFC UKRI] 10:38:19 We can talk about splitting trust between the server and the client, and so that has, of course, much more detail to this, but some of the discussions that we were having were around the current state of joint trust, so the combination of the CAB Forum, basically, requirements and IGTF
[IT 513/1-024] 10:38:20 So
[David Crooks - STFC UKRI] 10:38:42 assurance, and at the end one of the discussions that we had too was about the possibility to separate trust stores on the host, and therefore what software modifications would be necessary to use these, if that's something that makes sense.
[David Crooks - STFC UKRI] 10:39:01 For this, but I think the discussion, I think, would, that would be useful after Dalf's sponsor, and we could talk about it is for our use cases, so particularly here, so the cloud for Mario and that others, and S3 and, you know, services like that Alice Star is, so we're transitioning
[David Crooks - STFC UKRI] 10:39:23 to use tokens and WLCG. So the framing question is, to what extent do we want to make major changes to our sort of trust fabric for X.509 in this context versus designing for the fact that we'll be using tokens. So I would argue
[David Crooks - STFC UKRI] 10:39:42 that the pro to doing that is that, you know, it's clean.
[David Crooks - STFC UKRI] 10:39:46 We don't build a legacy, we can design what we need, but it will,
[David Crooks - STFC UKRI] 10:39:51 you know, it will take longer. And so then the question, I think, to hold in our heads,
[David Crooks - STFC UKRI] 10:39:56 while David goes to the slides, is, is there something that we can do to test some of these
[David Crooks - STFC UKRI] 10:40:08 choices, now, with like a particular use case, or a particular project, or a particular instance, or something that we could use to get experience with things in operation.
[David Crooks - STFC UKRI] 10:40:22 So I think that was kind of my sort of the thoughts I had this morning.
[David Crooks - STFC UKRI] 10:40:27 So if I stop sharing and hand over to David to go into more detail from yesterday.
[IT 513/1-024] 10:40:33 Could I just
[IT 513/1-024] 10:40:34 Could I just add one statement? I think the slides are good, David, but there's one thing, of course: the timetable that WLCG is using for its transition to tokens is not necessarily going
[David Crooks - STFC UKRI] 10:40:47 Indeed.
[IT 513/1-024] 10:40:47 to be followed by other research communities, right? So that may actually be a benefit, a longer-term benefit for some non-WLCG people, not just for the. Hmm.
[David Crooks - STFC UKRI] 10:40:57 Well, and I think I would specifically note that Jenny, when I talked to her about this, said that DUNE in particular, as you know, wanting to make progress, and so they want to make sure that.
[David Crooks - STFC UKRI] 10:41:13 So it's, you know, we should make sure that we are doing.
[David Crooks - STFC UKRI] 10:41:17 We are aligned. WLCG is aligned with what DUNE is doing, and vice versa.
[David Crooks - STFC UKRI] 10:41:22 But that also implies doing work now, because they're also looking to do work
[David Crooks - STFC UKRI] 10:41:28 now.
[IT 513/1-024] 10:41:31 And definitely, I didn't say that the splitting of these trust stores and things is a new idea.
[Ian Collier - STFC UKRI] 10:41:31 And I,
[IT 513/1-024] 10:41:40 We haven't discussed this before, right? This is, or did I miss it somewhere along the line?
[IT 513/1-024] 10:41:42 But it's sort of come out because of all of these discussions about what Platform was doing and all that.
[IT 513/1-024] 10:41:50 The changes they were doing, you started to realize that this was, that we had the discussion slightly earlier in authorization
[IT 513/1-024] 10:41:56 work. Oh, so it did come up, trying to separate the trust for transport, which could be, I know we said that we really did that ability cause to just trust the CA for everything. But I wasn't sure that we knew how to do it. And now that seems to be
[IT 513/1-024] 10:42:15 Anyway, you share your slides. It takes me time to catch up.
[IT 513/1-024] 10:42:23 Oh, that's super!
[IT 513/1-024] 10:42:27 I should do. The main slide is just one for the people who were not there yesterday.
[IT 513/1-024] 10:42:35 That is, is it worth our saying a few words about changes in CAB Forum?
[IT 513/1-024] 10:42:40 I think probably it is, because it's a major thing that's going on.
[IT 513/1-024] 10:42:44 This is okay, Donald Recycle: no slides for them in any hurry.
[IT 513/1-024] 10:42:55 Particularly where the CAs that are jointly trusted by Web PKI and IGTF,
[IT 513/1-024] 10:43:02 we're hitting these clashes. Yeah.
[IT 513/1-024] 10:43:07 Quick recap from yesterday. We have a couple of CAs that are in the lucky position of having joint trust, which is trust by the browsers and operating system distributors, so Web PKI, inspired by the CA/Browser Forum baseline requirements, and that also have the IGTF assurance and maintenance
[IT 513/1-024] 10:43:35 qualities. Those are the InCommon service CA, it's TCS, and it's a few offerings from DigiCert et al. used in Switzerland, and for retail also open science for it uses some of these sort of offerings; that is very convenient,
[IT 513/1-024] 10:43:59 especially for cloud storage and services you spin up in, say, AWS, where AWS,
[IT 513/1-024] 10:44:07 sure, you know, not. It's useful for cloud storage, because there are both eyeballs and agents
[IT 513/1-024] 10:44:14 talking to the same endpoint. So you have users using browsers or actual storage, and you have agents like FTS
[IT 513/1-024] 10:44:21 that orchestrate transfers, that media menu leaders we saw this morning already, for the CTA
[IT 513/1-024] 10:44:30 use case, where name uniqueness, traceability is important.
[IT 513/1-024] 10:44:34 Name uniqueness is not usually considered in the CAB Forum,
[IT 513/1-024] 10:44:39 CA/Browser Forum baseline requirements. So hey?
[IT 513/1-024] 10:44:43 Happily for us, when they wanted to revise and clean up the baseline requirements, York and Bragman from the Fn only informed us that this was going to happen.
[IT 513/1-024] 10:44:55 So we sent a joint response on behalf of the IGTF
[IT 513/1-024] 10:44:59 to CAB Forum, which was probably the first formal interaction we ever had with CAB Forum, and it triggered a lot of reaction that really sprouted up.
[IT 513/1-024] 10:45:08 The grid community actually exists, and they talk to us. So apparently that caused great upheaval in the server validation working group, which was wonderful.
[IT 513/1-024] 10:45:22 They know what they're talking about, I imagine. Yeah, yeah, sensible things for you.
[IT 513/1-024] 10:45:28 Some user. Yeah, so the key points where we had a problem were indeed name uniqueness. So many of the name uniqueness properties of our PKI certificates come from a domain component prefix, and domain components are inherently multi-valued; that's the semantics of
[IT 513/1-024] 10:45:48 the domain component, and one of the requirements was that a name must not contain
[IT 513/1-024] 10:45:56 more than one instance of a given attribute type and value.
[IT 513/1-024] 10:46:00 So can I just ask a really dumb question? Could you give an example, for somebody that isn't as familiar with this, of something that would definitely be allowed, and something that wouldn't?
[IT 513/1-024] 10:46:11 And talking about CA, a name there that I would, cause I read this, and you know, the sentence makes sense to me.
[IT 513/1-024] 10:46:17 But I can't think of what that would mean as an example. Many of the IGTF
[IT 513/1-024] 10:46:24 CAs, so all of them, have an assigned name prefix.
[IT 513/1-024] 10:46:27 So let me, so check name. We'll start with a particular one.
[IT 513/1-024] 10:46:31 Yeah, so I'll pick InCommon. Let's start with DC equals org, DC equals incommon, slash
[IT 513/1-024] 10:46:38 C equals US, O equals Brookhaven National Lab,
[IT 513/1-024] 10:46:43 slash CN equals, yeah, my name. But the beginning part, the initial part, DC
[IT 513/1-024] 10:46:50 equals org, DC equals incommon, has two instances of DC, domain component.
[IT 513/1-024] 10:47:00 Right, and that's more than one instance of a given attribute type and value.
[IT 513/1-024] 10:47:08 So domain component with this value was an attribute type and value.
[IT 513/1-024] 10:47:14 Okay, so for, or call me, C equals UK, DC, I, but it's less capacity. You can have a DC
[IT 513/1-024] 10:47:22 equals org and a DC for something else. But you can't have two of these. They just said you can't have more than one. The only organization that would actually still work fine, for sure, because it has its own
[IT 513/1-024] 10:47:38 gTLD: Sure don't. Yeah, so conceivably you could, just like CERN, in your graduates, certain dots would have a rapid, it would actually go next, museum.
[IT 513/1-024] 10:47:53 How do you have a set of like that? There's blah blah blah museum.
[IT 513/1-024] 10:47:58 That's one of the older gTLDs. But to need, if you just went to museum, thought you got on the page with an overview of museums.
[Maarten Litmaath] 10:48:08 Hey? Can I ask a quick question? So okay, I can sort of understand that.
[IT 513/1-024] 10:48:10 Yeah.
[Maarten Litmaath] 10:48:14 Say that they would like to be able, let's say, to simplify some code with this rule.
[Maarten Litmaath] 10:48:18 I also think that on a later slide, indeed, there was a pull request or something like that to essentially allow the old way of doing things to stay around for a while
[Maarten Litmaath] 10:48:29 longer, but by, let's say, would they have to be, let's say, 2 DC components in the first place? Why indeed not
[Maarten Litmaath] 10:48:38 DC equals org.incommon or incommon.org?
[IT 513/1-024] 10:48:43 Because that's not the semantics of domain component. The domain component has been defined in both the ITU and the RFCs as a
[IT 513/1-024] 10:48:55 component of the domain. A. How to go to have a character.
[Maarten Litmaath] 10:48:57 Okay, so okay. But let's say, not all today
[Maarten Litmaath] 10:49:02 have DCs in the first place, right? So we could also go back,
[Maarten Litmaath] 10:49:06 let's say, to what we had for all CAs.
[Ian Collier - STFC UKRI] 10:49:09 Okay.
[Maarten Litmaath] 10:49:11 I think, many years ago, and still for some of them today, right?
[Maarten Litmaath] 10:49:14 They can start with something else. O equals
[IT 513/1-024] 10:49:18 Yeah, the thing is all the other attributes are actually regulated.
[IT 513/1-024] 10:49:23 So O has to be the subscriber, not a CA.
[Maarten Litmaath] 10:49:26 No.
[IT 513/1-024] 10:49:28 O has to be validated against a Chamber of Commerce registry, or legislation, or, and that holds for street address, locality, province name.
[Maarten Litmaath] 10:49:34 Okay.
[IT 513/1-024] 10:49:41 A common name, state, country. There are actually only two other attributes that were uncontrolled, and that was unstructuredName and info. info is not supported by OpenSSL, and unstructuredName was not supported by Bouncy
[IT 513/1-024] 10:50:02 Castle. Total go all the attribute. So what kind of force to use? It's the only one that's not as unregulated.
[Maarten Litmaath] 10:50:04 Yeah. And anyway, they sound wrong right to a while.
[Maarten Litmaath] 10:50:17 You got it. So okay, bye, bye, bye, that's a code change.
[Maarten Litmaath] 10:50:24 Was this, what does this need accepted for the time being?
[IT 513/1-024] 10:50:29 Out of this pull request. Yeah, it's coming up for a formal vote tomorrow. There was, I got a mail yesterday from Dimitris Zacharopoulos. That's not a cochlear, that's the change to the baseline requirements.
[Maarten Litmaath] 10:50:31 Yeah.
[Maarten Litmaath] 10:50:51 Okay, sorry. Yeah, I mean.
[IT 513/1-024] 10:50:52 It's a GitHub. So, actually going back to Maarten's question, why did they want to reduce everything to just one instance? What are they trying to achieve by doing
[Maarten Litmaath] 10:50:54 Yeah.
[IT 513/1-024] 10:51:04 this? Was Ryan Sleevi, Google's, asked to simplify the document and then put in everything that was not of immediate use to Google at the time. At that time Ryan Sleevi, who was working for Google, he has now since moved on, luckily, to a different job. But this was the same, can we stop the
[IT 513/1-024] 10:51:24 transcript. This was to have a look at the interactions between Ryan Sleevi and Hank Loosebas from Ioc in Dela thief, and it transpires from those discussions on the Mozilla mailing list very clearly that Ryan had a
[IT 513/1-024] 10:51:49 preponderance for preferring agility over demonstrable security
[IT 513/1-024] 10:51:55 as the key property of certificates.
[IT 513/1-024] 10:52:01 It was simplification that they were talking. Yeah, but to do the earlier comments, like whether North Holland has a dash or a space in the middle, or whether Zagreb actually exists or not, because Zagreb, officially, cannot be used because it's not a subdivision, but a
[IT 513/1-024] 10:52:19 city, as part of ISO 3166.
[IT 513/1-024] 10:52:26 So those discussions were one of the reasons for sending the mail from GÉANT to the European Commissioner on having a non-European body essentially taking away autonomy of, say, our European security ecosystem. I don't think the commissioner
[IT 513/1-024] 10:52:47 ever looked at it again.
But it was a really nice open letter from GÉANT.
[Maarten Litmaath] 10:52:55 Yeah, look, I mean, we probably can't tolerate
[Maarten Litmaath] 10:52:59 things that, say, are coming from outside of Europe, and have nasty implications for what we
[Maarten Litmaath] 10:53:08 do in Europe, anyway.
[IT 513/1-024] 10:53:09 Assuming this, the good news is they have listened.
[IT 513/1-024] 10:53:13 They changed it. We can now have multiple. There are three persons in particular that I think we should be grateful for: Dimitris Zacharopoulos from HARICA, who is actually the current chair of CAB Forum.
[IT 513/1-024] 10:53:29 His background in the educational space was closely linked to Trion, that is based in Athens.
[IT 513/1-024] 10:53:35 We heard about him 15 years ago, when he set up the first public CA just for
[IT 513/1-024] 10:53:41 the doctrine servers, but he has done a great job there also, for people in LA, and remember Clint Wilson used to be DigiCert.
[IT 513/1-024] 10:53:51 He is now chairing the Apple root program, and he has very kindly stepped up to draft the changes and work with us. Dimitris, who gave us positive anticipation, Tim Hollebeek also explained a bit
[IT 513/1-024] 10:54:15 how the CAB Forum works. If there's a deadline of September 20th, 2022, that maybe should be interpreted as not before
[IT 513/1-024] 10:54:26 September 20th, 2022, so it may take another year.
[IT 513/1-024] 10:54:32 So the result was this pull request that allows domain component, actually reverting to MAY, which is optional, which is better than for trump of common name, which is a SHOULD NOT
[IT 513/1-024] 10:54:51 in our seat, to online terms. And then this has the proper semantics.
[IT 513/1-024] 10:54:57 I think there will be, later on in another pull request, the validation of the domain should be turned back into a domain, and then use DCV mechanisms to validate the owner,
[IT 513/1-024] 10:55:13 that it's indeed allowed.
Yeah, we got two other suggestions.
[IT 513/1-024] 10:55:20 Actually, one came from Clint Wilson. Hey, I'm running the Apple root program.
[IT 513/1-024] 10:55:25 We have several root programs. Not all of them are just Web PKI.
[IT 513/1-024] 10:55:31 What do you think about an IGTF root program for Apple? So he could have, with all the caveats and a long discussion, which will probably take multiple years,
[IT 513/1-024] 10:55:42 they have IGTF being recognized by default on Apple products.
[IT 513/1-024] 10:55:50 What that would require: a significant change in compliance and activity.
[IT 513/1-024] 10:55:55 Also on behalf of the IGTF, said to the discussions we had yesterday, allow self-assessment and peer review.
[IT 513/1-024] 10:56:04 Shoot through them before. I'm not sure whether it's actually, oh, useful, especially for client certs, which would be out of scope for this one. It's easy to do for servers.
[IT 513/1-024] 10:56:15 It's hard to do for end users.
[IT 513/1-024] 10:56:19 But the other thing that came up is we've been now pushing very hard for alignment with CAB Forum for both transport level,
[IT 513/1-024] 10:56:29 eyeball level and agent level authentication, but those are actually three different use cases, and the reason that this triggered me was that we had a similar discussion in the context of Tobas value sound.
[IT 513/1-024] 10:56:49 Off, send around, say, actually access tokens or JWTs that are nicely self-signed.
[IT 513/1-024] 10:56:53 But you just need a secure transport mechanism to drop to the right endpoint, and for transport security to a known predefined endpoint, domain control validation is actually probably sufficient.
[IT 513/1-024] 10:57:12 You cannot use domain control validation and just the domain name if you want to use it for client authentication. Of course, there you need name uniqueness.
[IT 513/1-024] 10:57:22 Within a token scenario, the name you need
us would come from the token. Surplus s plus it's a traveled ATM.
[IT 513/1-024] 10:57:30 At this moment.
[IT 513/1-024] 10:57:33 So then you don't need name uniqueness, because the name uniqueness is in the issuer plus subject.
[IT 513/1-024] 10:57:43 There DCV could be perfectly fine for transport security, which would open up the space for, say, AWS pre-provisioned certificates, or even Let's Encrypt, if you really want. Naturally, you could conceivably do the same for our current infrastructure.
[IT 513/1-024] 10:58:05 But then you have to separate a trust store between transport trust, eyeball trust, and, say, sure, agent or broker-based trust.
[Ian Collier - STFC UKRI] 10:58:06 Okay.
[IT 513/1-024] 10:58:17 You can separate, in, for example, Apache,
[IT 513/1-024] 10:58:24 at the moment, eyeball trust and transport trust, and the way it works is that you have a
[IT 513/1-024] 10:58:36 server trust. The server sends off
[IT 513/1-024] 10:58:40 a certificate and certificate chain that has to be trusted by the client, or the browser. Well,
[IT 513/1-024] 10:58:49 firstly, the server only needs to validate the browser's,
[IT 513/1-024] 10:58:54 here the user's browser identity, so it doesn't need to trust itself, so it could happily have only the IGTF certificates in its local trust
[IT 513/1-024] 10:59:09 store, but send a, this, if he only certificate outgoing. That works
[IT 513/1-024] 10:59:17 if you have server to eyeball trust. It goes hideously wrong
[IT 513/1-024] 10:59:21 if you have server to agent trust, cause we already saw the previous talk
[IT 513/1-024] 10:59:29 by, that's where you have the FTS.
[IT 513/1-024] 10:59:33 The server, the two servers need to trust, and Charlotte, and then you send off the identity of the server to the other side, at which point you need to validate the identity of the other server,
[IT 513/1-024] 10:59:48 which you need name uniqueness. So there you need actually joint trust, both
[IT 513/1-024] 10:59:56 IGTF and Grandchildren.
[IT 513/1-024] 11:00:01 Another. This is, is this still clear, or are people starting to look, trying to? Yeah. But now I'm not entirely sure what this means for us.
[IT 513/1-024] 11:00:18 Sounds like you'll say some things today that you didn't say yesterday. The all those last statements of that.
[IT 513/1-024] 11:00:25 So did you say that yesterday? Okay, yeah.
[Maarten Litmaath] 11:00:29 So maybe, let's say, we could have an example of something that, say, we cannot do today
[Maarten Litmaath] 11:00:37 that we want to be able to do, and so I can see, basically, the three sort of ways, indeed, for trust to be considered and implemented, and I can indeed see that, so let's say certain combinations may be tricky to get right. On the other
[Maarten Litmaath] 11:01:01 hand, you know, my first thought was we could, of course, in our trust store, put in anything that, say, we care about.
[Maarten Litmaath] 11:01:12 So IGTF, and all the stuff, let's say, that
[Maarten Litmaath] 11:01:16 normally, let's say, we didn't use until now, but now we may do.
[Maarten Litmaath] 11:01:20 But that is probably not, let's say, hey, the answer to this, because I think the example that you just gave last shows that if you want to support all use cases at the same time, you might not sort of know so easily which certificate to send basically to the other
[Maarten Litmaath] 11:01:41 side, and of course, already, let's say, that would require significant code changes in some places for benefits that are unclear to me at this time.
[IT 513/1-024] 11:01:49 Yup.
[IT 513/1-024] 11:01:56 Yeah, especially since we are moving away from most of the legacy
[IT 513/1-024] 11:02:02 protocols. Especially GridFTP is really hard to fix
[IT 513/1-024] 11:02:07 and change the protocol for, because, okay, if you want to do this right, servers that talk to other servers would need to use a robot certificate to authenticate themselves to the other side. But the protocol doesn't allow separating those identities, cause it will need
[IT 513/1-024] 11:02:30 to send back the expected identity to the agency, to the FTS.
[IT 513/1-024] 11:02:34 Okay, you want me to talk to this other server, to the other server.
[IT 513/1-024] 11:02:38 I will authenticate as blah, and that information needs to be sent through the intermediate agents, like through FTS, and that's such a huge protocol change that I don't think we'll ever come to make that. Yeah, that's just coming.
[Maarten Litmaath] 11:02:53 Yeah. By the way, you did mention GridFTP. So there, let's say, I would sort of say we don't have to worry too much,
[Maarten Litmaath] 11:03:02 because it's on its way out.
[IT 513/1-024] 11:03:04 Yeah.
[IT 513/1-024] 11:03:04 Away.
[Maarten Litmaath] 11:03:07 So, but I think the FTS already, let's say, we need significant changes to allow this to happen in the first place.
[Maarten Litmaath] 11:03:15 So again, I think we need, let's say, to have a few, or yeah, at least one important use case documented, saying, well, here we have the situation with the current software, we cannot do this because, and that I haven't seen yet,
[Maarten Litmaath] 11:03:32 let's say, so far in this discussion.
[IT 513/1-024] 11:03:33 Okay, no, and that's also why I think that it doesn't make much sense to do this separation on the PKI side at this moment. I would try to lump this one in with the move to tokens. I wanted to just, and if I can, Maarten, it's great
[Maarten Litmaath] 11:03:49 Yeah.
[IT 513/1-024] 11:03:55 GridFTP going away. Can we actually say that? And now I know that the grid has all moved pretty much everything to WebDAV, or Alice is continuing to use X
[IT 513/1-024] 11:04:04 RootD.
But we know that there are strategic plans for a lot of jobs to run on HPCs. You know.
[IT 513/1-024] 11:04:13 It's a strategy in the US. Run it on that a lot, you know.
[IT 513/1-024] 11:04:17 We do a lot of Monte Carlo on large HPCs.
[IT 513/1-024] 11:04:19 A lot of them have Globus. That is their standard way of accessing, moving data to and from them.
[IT 513/1-024] 11:04:26 And would it not be, you know, premature to say that we would be able to work in a redactive eagle over screen environment
[IT 513/1-024] 11:04:35 going, you know, going forward? I can't see it going away for all use cases anytime
[IT 513/1-024] 11:04:40 soon. An important edge case that we can't ignore.
[Maarten Litmaath] 11:04:42 Yeah, that's a good point. I'm sorry. Yeah, yeah, we, you might sort of.
[IT 513/1-024] 11:04:47 Unfortunately.
[Maarten Litmaath] 11:04:49 So if we really, let's say, didn't want to use GridFTP, we would have to sort of put our own edge layer in front of it, the translation
[Maarten Litmaath] 11:04:58 layer basically, or something like that. But oh, yeah, that's a good point.
[Maarten Litmaath] 11:05:02 So okay. So that's it. Yeah, go ahead.
[Mario Lassnig] 11:05:03 Can I just hook onto that? Because the GridFTP protocol is not at all a requirement to talk to HPCs, especially in the US,
[Mario Lassnig] 11:05:17 where everything is done with the Globus system directly. This is a completely separate authentication
[Mario Lassnig] 11:05:23 mechanism, and as far as I understand, it's not.
[IT 513/1-024] 11:05:26 Okay. So yeah, so maybe
[Mario Lassnig] 11:05:30 It's not connected to that at all.
[Maarten Litmaath] 11:05:31 Okay, that's good news. Thanks, Mario.
[IT 513/1-024] 11:05:35 But that means the requirement is Globus, but not GridFTP.
[IT 513/1-024] 11:05:37 Is that what you're saying, Mario?
[Mario Lassnig] 11:05:41 Well, we'll have to see what the Department of Energy does. But let's keep it in the back of our heads.
[IT 513/1-024] 11:05:42 Yeah.
[Maarten Litmaath] 11:05:48 No, I think you need to access point, despite that. We, that's who, in to interact with HPCs, right?
[Maarten Litmaath] 11:05:54 We sort of need to use the HPC software, right?
[Maarten Litmaath] 11:05:57 But it's sort of, shall we say, boxed in from our perspective, right?
[Maarten Litmaath] 11:06:02 So it is not, let's say, that you have to be able to, say, do that from the other side of the world, and so that saves us there.
[Maarten Litmaath] 11:06:12 I would say so. We be so we can need still move away from GridFTP.
[Maarten Litmaath] 11:06:15 So our codes, let's say, would not have to support that anymore,
[Maarten Litmaath] 11:06:21 well, you know, in the near future.
[Mario Lassnig] 11:06:24 That is a reasonable assumption. Yes.
[IT 513/1-024] 11:06:24 Yeah, yeah, I think most of the US sites are moving to that proprietary Globus Online
[IT 513/1-024] 11:06:33 protocol. I'm not sure you can even talk to it without using Globus Online.
[Mario Lassnig] 11:06:40 That is not true. No, they're running WebDAV.
[IT 513/1-024] 11:06:42 Hello. Oh, oh, no. Okay? Well, WebDAV will work.
[Mario Lassnig] 11:06:48 Yes.
[Maarten Litmaath] 11:06:53 Yeah. So let's say the bottom line would be, let's say, that
[Maarten Litmaath] 11:06:56 yes, we know that what we have today since forever has some,
[Maarten Litmaath] 11:07:01 some, let's say, well, problematic assumptions that, of course, from time to time we have run into. At the same time we know, that say that, at least for agents, as you call them, we move to tokens. Okay, who's we? Yeah, it was
[Maarten Litmaath] 11:07:24 pointed out here that other communities may not be as fast with that.
[Maarten Litmaath] 11:07:29 And of course that means that we have to keep an eye out for them at the same time.
[Maarten Litmaath] 11:07:36 Of course, the software stacks that we have in WLCG
[Maarten Litmaath] 11:07:42 and related communities can also be adopted still by more communities.
[Maarten Litmaath] 11:07:48 So if they at some point sort of really get stuck because of these conditions, we could sort of say, hey, have you considered using this other software that is used by huge experiments with great success?
[Maarten Litmaath] 11:08:02 And so, and typically also quite well supported outside these experiments.
[Maarten Litmaath] 11:08:08 And so it's not, let's say, that I think we are sort of on a path towards a cliff, and we have to do something now and then.
[Maarten Litmaath] 11:08:18 In the meantime, of course, the use of tokens will only get better, and that means, let's say, that some of these potential mismatches should hopefully become less and less relevant.
[IT 513/1-024] 11:08:39 Oh!
[IT 513/1-024] 11:08:43 I would push for doing this together with the move to tokens, and not invest too much in the older systems.
[IT 513/1-024] 11:08:56 Just that. I what off.
[David Crooks - STFC UKRI] 11:08:59 I mean, I think that makes sense to me.
[David Crooks - STFC UKRI] 11:09:03 Was it prostate
[Maarten Litmaath] 11:09:12 And David, it's probably still a good idea to upload your slides.
[IT 513/1-024] 11:09:20 Which David do you mean?
[Maarten Litmaath] 11:09:22 Well, you are called so. It isn't you?
[David Crooks - STFC UKRI] 11:09:28 So my, the skeleton slides
[David Crooks - STFC UKRI] 11:09:32 I presented are on the Indico. Let me just grab that, and the chat.
[Maarten Litmaath] 11:09:36 Okay.
[IT 513/1-024] 11:09:37 Yeah, yeah, and this slide that is there as well, but from yesterday.
[David Crooks - STFC UKRI] 11:09:44 From yesterday. Yep. And so I think the thing,
[David Crooks - STFC UKRI] 11:09:51 so I would offer that the thing we should pick up
[David Crooks - STFC UKRI] 11:09:58 on the resource trust evolution, so for WLCG,
[David Crooks - STFC UKRI] 11:10:05 is to, as I think, as Maarten, as you say, find examples of, you know, if we're lumping this into the token transition, we should have examples
[David Crooks - STFC UKRI] 11:10:19 of what this is, so that we can. I think a lot of this discussion is useful in, slightly, the abstract at the moment, but we should make it concrete so that we can explore.
[Maarten Litmaath] 11:10:36 Yeah, and I think, let's say that there's at least one use case over there.
[IT 513/1-024] 11:10:39 Awesome. What's this?
[Maarten Litmaath] 11:10:42 No, just two, even, that we were going to try and do something about. And that is indeed the question of which CAs we can trust for what purposes, like the Let's Encrypt example that was already given a few minutes ago,
[Maarten Litmaath] 11:11:05 and how to embed cloud resources more conveniently than today.
[Maarten Litmaath] 11:11:13 And there Mario, I think, will have an example or two, and so it's not panic stations yet.
[Maarten Litmaath] 11:11:21 But we know that we have to do something that will get us right for the longer run. So hopefully
[Maarten Litmaath] 11:11:28 in the near future we can have another meeting about it in that task force, the Cdm.
[David Crooks - STFC UKRI] 11:11:33 Yeah.
[Maarten Litmaath] 11:11:34 How we can tackle these things. So that indeed is the right place actually to look and need for,
[IT 513/1-024] 11:11:35 Yeah.
[Maarten Litmaath] 11:11:41 for, let's say, examples where stuff doesn't work out of the box today, or at least not in a nice way,
[Maarten Litmaath] 11:11:49 and what would be the desirable way to move forward there,
[Maarten Litmaath] 11:11:54 and of course, having to factor in where code would have to be changed in non-trivial ways
[Maarten Litmaath] 11:12:03 to allow this to happen. Okay, that's exactly, I think, the job for that task force.
[David Crooks - STFC UKRI] 11:12:05 And
[David Crooks - STFC UKRI] 11:12:09 Yeah, and I think, sorry, sorry, just to get this thought out.
[David Crooks - STFC UKRI] 11:12:15 And so I think, then, the key thing, Dave, from this discussion is a more serious consideration of splitting our trust stores and our trust purposes, and having that model in mind when we're talking about our use cases, as you just said.
[IT 513/1-024] 11:12:32 Yes.
[IT 513/1-024] 11:12:38 So could I just ask a question for clarity. So you're talking that way about separating transport-level trust from authentication
[IT 513/1-024] 11:12:47 trust. Yeah, on the transport-level trust, then, that would allow us to trust Web PKI CAs that today are not trusted, but the authentication is still X.509 based. It's restricted to the use case where the authentication
[IT 513/1-024] 11:13:05 is totally
[Maarten Litmaath] 11:13:09 Yeah, we know we need it. Yeah.
[Mario Lassnig] 11:13:09 So sorry to chime in here.
[IT 513/1-024] 11:13:12 Talking about doing it X.509 based, you could even do X.509 authentication,
[IT 513/1-024] 11:13:16 and just for us, too complex, because the third part, the
[IT 513/1-024] 11:13:22 nothing doesn't work, that requires lots of changes in software.
[IT 513/1-024] 11:13:27 And if you're changing software, or not changing it, towards token-based authentication, presumably, if we can build in transport-level trust with things like Let's Encrypt, there are very minor changes,
[IT 513/1-024] 11:13:39 if any changes, to the software. Otherwise there would certainly be changes, as currently it's combined.
[IT 513/1-024] 11:13:45 So if you do PKI, then you can lump all the trust together, and it requires changes in protocols and software to separate it,
[IT 513/1-024] 11:13:57 whereas in the token case all the authentication is actually token-based,
[IT 513/1-024] 11:14:03 and you just need a transport mechanism. So you need a trust store for the tokens to sort of say this is the transport, so the token trust and the transport-level trust are then completely separated.
[IT 513/1-024] 11:14:16 So that's mine in China.
[Maarten Litmaath] 11:14:17 The tokens, basically, you can compare them to VOMS.
[Maarten Litmaath] 11:14:21 We have an out-of-band mechanism also there for services to decide which issuers they trust, for which namespaces or services, or what have you.
[Maarten Litmaath] 11:14:32 And so that is a nice split that, in theory, we could have done, of course, 20 years ago.
[Maarten Litmaath] 11:14:39 But of course we didn't know that we were going to run into these kinds of things, and so I think the right decision was taken 20 years ago. But now, let's say, it's time to move on. Mario,
[Mario Lassnig] 11:14:55 Yes, I don't get the, what do you mean with transport trust?
[Maarten Litmaath] 11:14:55 wanted to say something, I think.
[Mario Lassnig] 11:15:04 Because for us, when we go to storage, we basically say, hey, look, I'm this person,
[Mario Lassnig] 11:15:08 I want to get that file, and then I expect everything to come transported via a TLS
[Mario Lassnig] 11:15:12 connection.
[Maarten Litmaath] 11:15:13 Yeah, that's exactly it. That's the TLS connection.
[IT 513/1-024] 11:15:15 Okay.
[Maarten Litmaath] 11:15:17 How do you set it up, right? Are you talking to the right guy?
[Maarten Litmaath] 11:15:22 Let's say to the right service. Can you trust this?
[Mario Lassnig] 11:15:26 Right. So this is then exactly the problem that I run into with the commercial cloud providers, right?
[Maarten Litmaath] 11:15:30 Yeah, exactly. And so I think we're not so far away from a solution in particular, right?
[IT 513/1-024] 11:15:31 Okay. No.
But if you
[Maarten Litmaath] 11:15:37 Because we have taken, we are taking out the difficulties that come from users.
[IT 513/1-024] 11:15:45 Yeah, the two things are: the standard trust stores for browsers will work because you know where you're going.
[IT 513/1-024] 11:15:52 So you are going to a predefined DNS name, and then you expect to find that name at the other end, and the other end can say, yeah, this is the certificate,
[IT 513/1-024] 11:16:04 the proof that I am the right endpoint. That's different from that endpoint,
[IT 513/1-024] 11:16:09 I'm going off and trying to authenticate with the DN, which is unverifiable because it's the originator rather than the single of the connection.
[IT 513/1-024] 11:16:23 So that's why in a pure TLS context, a domain
[IT 513/1-024] 11:16:28 control validation is sufficient.
[Maarten Litmaath] 11:16:33 Yeah. So basically, what we want to do is to keep X.509 where it is good,
[Maarten Litmaath] 11:16:38 and that is basically for services to identify themselves,
[Maarten Litmaath] 11:16:46 and the rest we do with tokens.
[Mario Lassnig] 11:16:55 So from my side, this keeps everything as complicated as it is right now, and that's the additional complication to develop more software.
[Maarten Litmaath] 11:17:06 No, no, because, Mario, let's say the TLS
[Maarten Litmaath] 11:17:09 handshakes are essentially all done under the hood, right, by standard libraries.
[Maarten Litmaath] 11:17:12 I mean, at least you would no longer have to worry about that.
[Maarten Litmaath] 11:17:15 So you essentially only care about handing out the right tokens at the right time.
[David Crooks - STFC UKRI] 11:17:25 Yeah, I'm, well, hopefully not at the risk of modifying this,
[David Crooks - STFC UKRI] 11:17:31 what we are saying is that for transport-level trust we wouldn't be restricted to only using IGTF trust stores.
[Maarten Litmaath] 11:17:42 Indeed. That's one of the main benefits.
[David Crooks - STFC UKRI] 11:17:43 Gotcha.
Yeah, because what we're doing is, so one of the main purposes of the IGTF trust store is because then we have assurance about exactly who it
[David Crooks - STFC UKRI] 11:17:57 is we're talking about, whereas what we're talking about here is making sure that the transport,
[David Crooks - STFC UKRI] 11:18:06 so we are separating out the
[David Crooks - STFC UKRI] 11:18:11 securing of the transport itself from the identity, and so by doing that it means that we could, to write, jump,
[David Crooks - STFC UKRI] 11:18:23 if I'm saying this wrong, no, what we can say is that,
[David Crooks - STFC UKRI] 11:18:28 as long as we are happy that the TLS connection is being set up properly,
[David Crooks - STFC UKRI] 11:18:36 I mean, understand how that's working, and, you know, we can use the Google CA and we can use Microsoft's and whatever, as long as we're happy that that's working in the way that we want
[David Crooks - STFC UKRI] 11:18:48 to, we can then separate that out, and when it comes to the identity of the entity that is doing the transaction, we can then rely on tokens, purely tokens, to do that. So then that's the separation
[David Crooks - STFC UKRI] 11:19:06 that we're talking about. So what it means is that we would then not need to have IGTF certificates for all hosts,
[David Crooks - STFC UKRI] 11:19:15 because we're using, you know, those are for a different purpose.
[Mario Lassnig] 11:19:20 Right? I understand. Okay, good. So that's one problem. Then, for the tokens themselves, how would they be procured?
[Mario Lassnig] 11:19:32 Because right now, what we do to authenticate to commercial cloud storage is by generating a pre-signed URL with a pre-shared secret.
[Mario Lassnig] 11:19:42 So basically, you calculate this, let's call it secret
[Mario Lassnig] 11:19:47 URL yourself offline, and by going to the server, the server then understands that, so you can.
[Mario Lassnig] 11:19:54 It trusts you because you were the only one who was able to create this secret
[Mario Lassnig] 11:19:59 URL. Now, this is okay-ish. But of course, for every single provider, even for basically every single object store provider, we have to do this customized.
[Mario Lassnig] 11:20:17 This is not nice. However, basically all of them also provide access via bearer tokens.
[Mario Lassnig] 11:20:25 So you just send them within the HTTP headers.
[Mario Lassnig] 11:20:28 This is also okay. However, for this, we would need to create these tokens also
[Mario Lassnig] 11:20:37 customized per provider, because they are not uniform.
[Mario Lassnig] 11:20:41 I cannot use the same code to generate a token for Amazon
[Mario Lassnig] 11:20:47 than for my private MinIO S3 server, things like this.
[Mario Lassnig] 11:20:49 So this would require quite a lot of development anyway. But I think this is very well invested, and this would go in the full stack, down from XRootD
[Mario Lassnig] 11:21:05 and gfal up to FTS and Rucio.
[Maarten Litmaath] 11:21:11 Yeah, that's a good point, Mario, I think.
[Maarten Litmaath] 11:21:14 Let's say that this is related, but at the same time, you know, whilst there is, let's say, no standardization among these different providers, you will, and we'd have to do the nasty work somewhere.
[Maarten Litmaath] 11:21:30 And of course, if this can be hidden to some extent in libraries like gfal and so on, then, of course, it is easier for many communities to profit from those investments.
[Mario Lassnig] 11:21:43 Absolutely.
[Maarten Litmaath] 11:21:44 But that is good. Yeah, this is, I think I saw it in a way, right?
[Maarten Litmaath] 11:21:49 We will not be able, let's say, to just use, let's say, our IAM tokens for everything,
[Maarten Litmaath] 11:21:58 because of, yeah, these extra sort of parties that we're trying to bring in that play a different ball game.
[Maarten Litmaath] 11:22:05 So there some sort of mixing and matching will be needed.
[Maarten Litmaath] 11:22:11 And, yeah, probably a bunch of plugins will have to be
[Maarten Litmaath] 11:22:16 written, so that indeed different cloud providers can be used.
[Mario Lassnig] 11:22:22 Yes, and I think this is the way forward in this area also.
[Mario Lassnig] 11:22:27 This gives us a bit of flexibility with the HPC
[Mario Lassnig] 11:22:32 centers, who are all now claiming that they are running object stores and whatever, and they also want to have a proper security system figured out.
[Mario Lassnig] 11:22:40 And if we say, okay, we have in our infrastructure a customizable and plugin-based approach to these external providers that require a token in some sort, but maybe this one wants to have a capital X here, and this one wants to have an underscore Y there,
[Mario Lassnig] 11:22:59 then, if we have this whole concept ingrained in our infrastructures, it makes it easier for everyone, and also maybe, how would you call that, from a strategic point of view, makes it
[Mario Lassnig] 11:23:14 easier for HPC centers to integrate with the WLCG.
[Maarten Litmaath] 11:23:21 Yeah, I think that's a nice summary, and we probably can discuss this further
[Maarten Litmaath] 11:23:29 also during the workshop, taking it, I think, in the HPC session.
[IT 513/1-024] 11:23:36 No, that's the development as well. Is that the Banana's workshop or the WLCG workshop?
[Maarten Litmaath] 11:23:42 Sorry.
[Maarten Litmaath] 11:23:47 Yeah, the WLCG workshop in Lancaster, early November.
[IT 513/1-024] 11:23:50 Okay.
[IT 513/1-024] 11:23:56 Or it may be worth one thing also for the WebDAV
[Maarten Litmaath] 11:23:59 It sounds like we need to hear that this is not just our problem.
[IT 513/1-024] 11:24:08 Anyone wants to go to Bloomington?
[David Crooks - STFC UKRI] 11:24:11 Well, so we had, well, so Maarten and I, Porting Cremers and I had a session.
[David Crooks - STFC UKRI] 11:24:16 So we're both going to Bloomington.
[IT 513/1-024] 11:24:25 I don't
[IT 513/1-024] 11:24:26 I learned one other new thing today: that even if we standardize the way to get trusted token issuers for IAM and other proxies,
[IT 513/1-024] 11:24:37 you still need that translation layer to go to the proprietary protocols of many of your object store providers.
[IT 513/1-024] 11:24:45 So, Alice! Are those protocols proprietary protocols?
[IT 513/1-024] 11:24:51 How are they? Well controlled, well defined, and unlikely to change?
[IT 513/1-024] 11:24:56 If we change.
[Maarten Litmaath] 11:25:02 Deep dreaming.
[IT 513/1-024] 11:25:04 Yeah.
[Maarten Litmaath] 11:25:06 But then again, right, we are the champions of hybrid systems.
[IT 513/1-024] 11:25:07 That's another.
[IT 513/1-024] 11:25:11 That's a moving target then.
[IT 513/1-024] 11:25:14 Yeah, well, at least the moving target is contained in a plugin system, say gfal or FTS, and it's not exposed at the infrastructure level.
[IT 513/1-024] 11:25:28 So, etc., provided you know the changes, or what the effect of them is, and it doesn't just suddenly change.
[Maarten Litmaath] 11:25:29 Yeah.
[Maarten Litmaath] 11:25:41 Yeah, but then again, right, I mean, hopefully, let's say, yeah, the relationships will be reasonable,
[Maarten Litmaath] 11:25:50 and these providers don't do crazy things. It's also in their interest, right?
[Maarten Litmaath] 11:25:54 They probably don't want to chase off customers from a market that is expanding, so
[IT 513/1-024] 11:25:59 It hasn't stopped them in the past. Yeah, no, I have no idea. I'm not saying it's, I'm curious whether that's likely to be a problem, but there are lots of legacy
[IT 513/1-024] 11:26:11 interfaces still around, because if S3 were to change its interface, customers would run to a competitor.
[IT 513/1-024] 11:26:19 Okay, if you change it, people again have a choice. So you don't want to change, because you'd lose those customers.
[Maarten Litmaath] 11:26:28 Yeah, and since it's sort of industry, well, maybe not, standard,
[IT 513/1-024] 11:26:28 Let's see.
[Maarten Litmaath] 11:26:32 but let's say at least standard practice, we can profit from that also in that respect, as David
[Maarten Litmaath] 11:26:39 just explained.
[IT 513/1-024] 11:26:44 Oh, yeah, that's not true, just because of these browsers and the operating systems that keep changing everything.
[IT 513/1-024] 11:26:58 Yeah, it would be a little easier.
[IT 513/1-024] 11:27:04 It's just we're actually closed ecosystems, because we are in an open ecosystem as a protocol, and the standard is quite nice.
[IT 513/1-024] 11:27:15 Is this: the pure math is beautiful, but reality and physics is terribly messy in the edge cases. There, I mean it.
[IT 513/1-024] 11:27:24 It kind of feels, the complaint, it's just that they never take all the use cases into account in decisions.
[IT 513/1-024] 11:27:35 400 would have been great before people
[IT 513/1-024] 11:27:40 Oh, hmm. Okay. Often we made a lot of progress and got lots of insight.
[IT 513/1-024] 11:27:49 The other thing, looking back to separating trust stores, and before people leave, maybe for other things,
[IT 513/1-024] 11:27:58 we had the idea yesterday, talking about trust stores, to also look at a trusted way of getting a list of token issuers. I will probably come back to that later in the afternoon.
[IT 513/1-024] 11:28:13 So if you're staying on for the rest of the day, you don't need to answer
[IT 513/1-024] 11:28:17 now. If you're leaving, currently, for many of the token issuers, you just get,
[IT 513/1-024] 11:28:23 yeah, the endpoint or the well-known endpoints,
[IT 513/1-024] 11:28:27 and take it for granted that you communicate it out of band.
[IT 513/1-024] 11:28:33 One of the ideas was to actually collect a list of trusted token issuers that would align with the best practices on how to operate your token issuer, based on our G071,
[IT 513/1-024] 11:28:47 so the AA operations document, and maybe split by assurance level.
[IT 513/1-024] 11:28:53 So, whether it's Cappuccino or Espresso, or just Dogwood, basic-style assurance. That would actually implement the other part of the trust store separation.
[IT 513/1-024] 11:29:10 So you have a transport layer and your own trusted token issuers.
[IT 513/1-024] 11:29:17 I think we came up with that idea two or three weeks ago, and that was, I think so.
[IT 513/1-024] 11:29:23 That's a good idea. Oh, there will, there are also a couple of technical issues that we may or may not get to this afternoon, but you may have a view: if we were to distribute such a list of issuers, would you prefer a single list, or a separate list
[IT 513/1-024] 11:29:41 per assurance level, or something in a kind of JSON file, so you can actually annotate it with, say, contact information or a security contact point, or a policy URL, a bit inspired by the OIDC
[IT 513/1-024] 11:29:58 Federation metadata that you could put around a trusted endpoint.
[IT 513/1-024] 11:30:06 If you have an opinion about any of this and you're not joining this afternoon, say after lunch, after the discussion this afternoon, you're also welcome to voice your opinion now.
[Maarten Litmaath] 11:30:22 So I would certainly like to say something about it. And this afternoon I have another meeting starting at two that hopefully just lasts half an hour, but could be an hour.
[IT 513/1-024] 11:30:25 Yup.
[Maarten Litmaath] 11:30:34 So I saw the slot was, I think, from two to three thirty or so, so I might miss a part of it.
[Maarten Litmaath] 11:30:46 So, if you allow me, then isn't this essentially, sort of, you
[Maarten Litmaath] 11:30:51 know, something that we already thought about many, many years ago, that we could do, let's say, a better job with documenting or showing, let's say, that VOMS services run,
[Maarten Litmaath] 11:31:08 let's say, in the right way? So that's my first question.
[Maarten Litmaath] 11:31:12 Is that correct?
[IT 513/1-024] 11:31:13 No.
[Maarten Litmaath] 11:31:16 And we never did that, of course, because then, yeah, my next question is, I mean, who is going to be checking that and giving out labels like: your VOMS or token service
[Maarten Litmaath] 11:31:27 is category A, but theirs is category
[Maarten Litmaath] 11:31:31 B, because of what?
[IT 513/1-024] 11:31:38 Yeah, I think that's partially what is already done in EUGridPMA, but for the CAs rather than VOMS.
[IT 513/1-024] 11:31:47 And since we're moving to tokens, the CAs and VOMS are effectively merged into one bit of software.
[IT 513/1-024] 11:31:54 But just in my head, it seems fairly logical that the self-assessment and what's done in EUGridPMA and IGTF in general would then apply to the token issuer, kind of encompassing the CA plus VOMS conceptually.
[Maarten Litmaath] 11:32:11 Yeah, look, ideally, of course, we would have this, but I see sort of a difficulty with, let's say, which kind of people are going to basically be
[Maarten Litmaath] 11:32:23 doing that. And you say self-assessment. Yeah, that goes a long way.
[Maarten Litmaath] 11:32:27 You can indeed describe basically how you set things up, how you sort of try and keep things secure. Hey?
[Maarten Litmaath] 11:32:35 But then at some point a site will say, look, we support ATLAS,
[Maarten Litmaath] 11:32:41 so of course we are going to configure the IAM for ATLAS,
[Maarten Litmaath] 11:32:45 however it is implemented.
[IT 513/1-024] 11:32:50 The first thing they'll probably do, the last thing.
I think that there needs to be a bit of critical reflection, and IAM as a whole needs to say that
[IT 513/1-024] 11:32:58 we're happy with the way it is. This is really good.
[IT 513/1-024] 11:33:00 If we see problems, we might want to change something. Hmm!
[Maarten Litmaath] 11:33:03 Yeah, I feel okay. Yeah.
[IT 513/1-024] 11:33:04 Is the general, so it's self-assessment
[IT 513/1-024] 11:33:08 and peer review. This is, the community as a whole needs to somehow get together. One possible place to do it is in something like IGTF, where we've been doing this for many years, so we don't have to do this self-assessment.
[Maarten Litmaath] 11:33:23 Okay, so maybe we should give it a go.
[IT 513/1-024] 11:33:25 At least the community as a whole. We need to make sure that, you know, the people really do these things, but I still see it as very useful to have a list of these trusted token issuers that have been found to meet the requirements of G071, the operations, and that the assurance is an
[IT 513/1-024] 11:33:42 identity-proofing type thing, which again is something that IGTF has lots of experience in. On the assurance we maybe need to be a bit
[IT 513/1-024] 11:33:52 more careful now, because it's not given that all of the identities coming out of a single token issuer would have the same level of assurance.
[IT 513/1-024] 11:33:58 It's, yeah, so I'm going to provide multiple levels, right?
[IT 513/1-024] 11:34:04 We need to be sure that all of those procedures are done correctly.
[IT 513/1-024] 11:34:09 Good pupil.
[IT 513/1-024] 11:34:12 But I think it's somewhere where we should jointly be working together and trying to work out.
[IT 513/1-024] 11:34:19 I mean, this is the call. Contributions to WLCG have been the relying party end. So I mean, the LHC VOs and the WLCG
[Maarten Litmaath] 11:34:20 Maybe, maybe.
[IT 513/1-024] 11:34:30 And, you know, people like you, I mean, we all need to be involved somehow, to sort of come up with something which is trustworthy.
[IT 513/1-024] 11:34:37 Let me
[Maarten Litmaath] 11:34:38 So I suppose, as I said, we could sort of do an alpha version of that.
[Maarten Litmaath] 11:34:44 Maybe that's a description of how the IAM services are run
[Maarten Litmaath] 11:34:49 in certain, yeah, so basically a description of the setup.
[Maarten Litmaath] 11:34:53 And so essentially sort of imitating a bit
[Maarten Litmaath] 11:34:57 how the CA self-assessment and peer review are done, and then sort of see, you need,
[Maarten Litmaath] 11:35:06 if this is the way forward. So if other, let's say, parties in our community, and I'm talking now about the IGTF, would say, hey, yeah, I mean, I could sort of imitate that and describe, let's say, the token issuers that we are running,
[Maarten Litmaath] 11:35:26 and so we could gain some experience with that. But at the same time, it's not,
[Maarten Litmaath] 11:35:31 it's not five minutes' work. Yeah, so
[IT 513/1-024] 11:35:34 Yeah, I mean, we want to be convinced that what we come up with is, yeah, lightweight enough that it makes sense, that it is doable, right?
[IT 513/1-024] 11:35:42 That is to say, "oh, you've got to write this 128-page policy document" is not going to bring us closer to it than it might seem.
[IT 513/1-024] 11:35:53 We already have the guideline for assessing, and actually each other, a deal.
[IT 513/1-024] 11:35:59 It's pretty complete. I think we did already go through it, and used it instead of a hand-wavy assessment. So I don't think it would take that much to do. I understand that G071 has got to be updated, you know, it needs to be approved, it's all, but all of them, what we did in ignored,
[IT 513/1-024] 11:36:25 we got many of the major infrastructure proxies to actually look at these guidelines, that okay, this should be doable.
[IT 513/1-024] 11:36:34 So I went through AEGIS, so many of the BPA proxies.
[IT 513/1-024] 11:36:39 I said, okay, it's not traditionally, or at first try, an officially adopted document by.
[IT 513/1-024] 11:36:45 So this is, but it's not just for the WLCG. Many of the infrastructures, all of them agreed this makes
[IT 513/1-024] 11:36:54 sense. I was also looking for the more technical guidance.
[IT 513/1-024] 11:36:58 So if we do this, and we have a list of proxy operators that we trust, how do we convey that information to the rest of the world?
[IT 513/1-024] 11:37:07 So I can put up on the IGTF website a list of trusted token issuers, like reality.
[IT 513/1-024] 11:37:13 Correct, or a trust anchor distribution, but it is interesting.
[IT 513/1-024] 11:37:17 The assurance thing is that, you know, it's kind of the same you think about.
[IT 513/1-024] 11:37:20 No, there wasn't a one-to-one mapping. A CA
[IT 513/1-024] 11:37:23 would have a CP/CPS, and was only doing one assurance level. Right now
[IT 513/1-024] 11:37:30 we have potentially got token issuers, and they could say, well, I can issue tokens according to multiple levels,
[IT 513/1-024] 11:37:36 and these procedures are fine.
[IT 513/1-024] 11:37:39 But I assume that's still true. I mean, cryptographically it would still be the same
[IT 513/1-024] 11:37:45 issuer, all right, trust list. So yeah, so I think, having multiple lists for assurance, you want comments to say and check the actual.
[IT 513/1-024] 11:38:04 Yeah, and I have a feeling that it would make sense to actually not have a plain list of, yeah, URLs, but actually embedded in some kind of JSON,
[IT 513/1-024] 11:38:15 so you can annotate it, based on the, well,
that was the feedback you got from other people who said, oh, yes, but I mean, obviously we've been
[IT 513/1-024] 11:38:28 And it's not cast in stone, is it? We're not going to make a decision this afternoon.
[IT 513/1-024] 11:38:34 I'll, so the direction of, you know, this is what we're working on right now.
[IT 513/1-024] 11:38:45 Oh, we need to. We'll learn together. We can try to.
[IT 513/1-024] 11:38:46 I can create a JSON file, and let's see if it's useful,
[IT 513/1-024] 11:38:50 if people can parse that.
[Maarten Litmaath] 11:38:50 Yeah, you should maybe be careful with how you formulate
[Maarten Litmaath] 11:38:55 its head, because it could piss some people off.
[Maarten Litmaath] 11:38:59 And so, why is my token issuer not in that list?
[Maarten Litmaath] 11:39:04 And of course the answer is, well, because you didn't follow the procedure. And so we should use terminology,
[Maarten Litmaath] 11:39:14 let's say, that is not, yeah, going to offend people in some way.
[IT 513/1-024] 11:39:19 Hmm.
[IT 513/1-024] 11:39:19 Hmm. I think this is quite justifiable then.
[Maarten Litmaath] 11:39:20 It's just sort of
[IT 513/1-024] 11:39:23 I mean, the members of WLCG are used to there being some kind of control about the certificate authorities that are trusted.
[IT 513/1-024] 11:39:34 So I mean, yeah, one of the attractions of token simplicity is that it doesn't come with all this. And now, if we start saying, oh, by the way, you've got to do exactly the same thing, people will be surprised and annoyed.
[IT 513/1-024] 11:39:50 But it's a very valid point that there has to be a procedure to get into the trust list.
[IT 513/1-024] 11:40:01 Yeah, and that needs to be very clear on: how do you get here?
[IT 513/1-024] 11:40:07 So we have to make it as lightweight as possible, and not over-heavy, to not completely annoy people,
[IT 513/1-024] 11:40:15 and say, you mean I've got to come to some IGTF meeting, and I've got a channel to do this. Told us that we can do a lot of things remotely, yeah, and I'm still really impressed by the elusive three-day meeting
[IT 513/1-024] 11:40:32 in, so, and don't die in the process, and I think we should be mindful of making things as efficient as possible as well.
[IT 513/1-024] 11:40:43 Maybe a three-day meeting is slightly overkill.
[IT 513/1-024] 11:40:52 Well, it could be, you know, a completely separate set of meetings, separate from being built into.
[IT 513/1-024] 11:40:56 There you go! Otherwise these are only three times a year.
[IT 513/1-024] 11:41:01 So if you want to have some agility, you should have a quick approach.
[IT 513/1-024] 11:41:07 That's good. Complete in a few weeks or so. I mean, the difference, again,
[IT 513/1-024] 11:41:12 going back to that, that'll be able to go back to the history too,
[IT 513/1-024] 11:41:16 but the difference was, when we were setting up all these new national CAs,
[IT 513/1-024] 11:41:18 they all had EU funding to do it. So, as I said, in this book, people and travel and all sorts of things were funded because they were part of some project.
[IT 513/1-024] 11:41:26 This is, and we're in a different world now, right, although the major proxies and token issuers are still extremely well funded.
[IT 513/1-024] 11:41:35 Yeah. Yeah. Thank you. Not by the EU. But
[IT 513/1-024] 11:41:44 I was, as we've always said in the past, we want to discourage the approach where, so, a graduate student does it on a machine in the corner and this is completely trustworthy for this,
[IT 513/1-024] 11:41:57 without thinking it through properly, using, really, and the identity proofing?
[IT 513/1-024] 11:42:02 Are we doing the identity proofing correctly? I mean, WLCG,
[IT 513/1-024] 11:42:06 we have very good ideas to prove things through the user office and registration, but other communities will need to think. Kind of a moral obligation on the WLCG to show that it can be done in the right
[IT 513/1-024] 11:42:20 way. WLCG does it in a very good way, both vetting and operations.
[IT 513/1-024] 11:42:26 But if WLCG doesn't do it, there's no incentive for anyone else to do it in the proper way either. But it's not cheap,
[IT 513/1-024] 11:42:34 the whole registration system, but it's felt to be necessary, not just for the computing.
[IT 513/1-024] 11:42:46 Updating your access passes every couple of years: extremely expensive.
[IT 513/1-024] 11:42:51 Yeah, thank you. Back. Just comparing the new token-based system to X.509: in the X.509 world,
[IT 513/1-024] 11:43:01 it was always possible for people to configure their own CAs that were trusted and bypassed
[IT 513/1-024] 11:43:07 the trusted bundle, right? So we're not,
[IT 513/1-024] 11:43:10 we're not asking people to do anything particularly different to the old way. It's just that people have already started manually configuring, which is always a relying party decision.
[IT 513/1-024] 11:43:22 You can decide what you trust. Yeah. But for interoperation between research communities, between infrastructures and everything, it's good
[IT 513/1-024] 11:43:32 if we have something which is a bit, yeah. It is interesting to talk about people configuring their own trusted endpoints. What are the ways to actually configure
[IT 513/1-024] 11:43:46 it? Do we need tooling around getting the list from, say, a JSON file, and inserting it somewhere?
[IT 513/1-024] 11:43:52 Is that a plain text file that needs to be populated with some controls?
[IT 513/1-024] 11:43:58 Or is that the database? Is it a short action? Is it a guru action?
[IT 513/1-024] 11:44:06 The answer is, yes, I'm not, no idea, in the building.
[IT 513/1-024] 11:44:09 It's not just a text file to get put somewhere, and anyone who configured a token pretty long party recently.
[IT 513/1-024] 11:44:17 Not. Do you know how it's going in, or David
[Maarten Litmaath] 11:44:22 So What do you mean with that? Exactly.
[IT 513/1-024] 11:44:27 Okay, if you have a so you can retrieve a JSON file from a trust.
[IT 513/1-024] 11:44:32 If you are all, how do you then take the token issue or endpoints from it, and configure it in your own reallowing party systems?
[Maarten Litmaath] 11:44:33 Yeah.
[Maarten Litmaath] 11:44:41 Well, I mean for now let's say myself, I've just needed to do this on a very small scale, which just you know will copy paste essentially So I'm not not not let's say, into having to sort of automate this because because of of of large
[Maarten Litmaath] 11:45:04 scale. So do you? The only use case. It's I'm currently concerned with is is how to how to configure an Hc.
[Maarten Litmaath] 11:45:14 On the compute element, so that it it accepts my let's say, token issue and that's a sense You just so say not more than not much more than one line in a configuration file.
[Maarten Litmaath] 11:45:29 Right so others that say May May may have to do much more than that.
[Maarten Litmaath] 11:45:36 And and then, of course, we would have to find out whether there is 100, some common software so that could be that could be employed to simplify life. I certainly need.
[Maarten Litmaath] 11:45:49 If this JSON document is going to be to be there.
[Maarten Litmaath] 11:45:53 And I could imagine. Let's say, that some people will want to to to automate things based on it.
[Maarten Litmaath] 11:45:59 Then again you would still have to decide which of those issuers you actually want, so you would still have to have your own configuration file anyway.
[Maarten Litmaath] 11:46:10 That says Yes, give me the one for Atlas and Cms, but not the others.
[Maarten Litmaath] 11:46:15 So. I think. Let's say that this this document yeah should essentially be a JSON file, that you could just serve on a map server so that you can browse it.
[Maarten Litmaath] 11:46:29 And of course also download it with curl. For example.
[IT 513/1-024] 11:46:34 Yeah, but it also points to the need for having a I simple tool to do selections based on their chasing crime.
[Maarten Litmaath] 11:46:42 Yeah, well, I suppose that's say there must be Python trickery.
[Maarten Litmaath] 11:46:47 Let's say to to to do that, but I I'm not sure what to say that we should try and sort of solve it all.
[Maarten Litmaath] 11:46:54 Let's say during this meeting, and So, this is something that's that hopefully will sort of grow naturally, and then people will, you know, come up with a things that they can share with others.
[IT 513/1-024] 11:47:12 Yeah, But having. I'll probably have a look when we get to a format discussion this afternoon. But we can also provide a simple tool to go along with it
[Maarten Litmaath] 11:47:22 Alright.
[IT 513/1-024] 11:47:30 Okay, Amy, other comments for only this topic before we go to Geo Problem.
[IT 513/1-024] 11:47:42 How many other people have joined. By the way.
[Maarten Litmaath] 11:47:47 I think there's only a bunch of people that have left, and I also need to leave in a few minutes
[IT 513/1-024] 11:47:57 Okay, So what do we do with the agenda, There's a lunch planned.
[IT 513/1-024] 11:48:02 Apps, Oh, 30! Is that still a good time? Hello. But it's always a good time, for we have access to the data center from 1 30 for a little tour if you want to go no it can probably also be a little bit earlier.
[IT 513/1-024] 11:48:27 it's this data center tour And
[IT 513/1-024] 11:48:28 It's this data center tour, And it was easy. I've I've seen it I It's not the case that I I actually have have.
[IT 513/1-024] 11:48:37 You know questions as as one, you know. Tier, one manager to to ask him about Alexander.
[IT 513/1-024] 11:48:43 Somebody's showing us around. So I'll ask him about how you're managing cooling and power supplies to.
[IT 513/1-024] 11:48:53 That's not okay. It was. If if there was like, gonna be some day center experts there, I would then and grill them.
[IT 513/1-024] 11:49:00 Nice, sorry contact with them separately Yeah, would be Wayne.
[IT 513/1-024] 11:49:06 no, no, no, I I'm I just don't know.
[IT 513/1-024] 11:49:16 I can just go in there Passing on. I was just thinking we can all walk around the expense if we feel like it, but I have not planned anything you should come with us. Then.
[IT 513/1-024] 11:49:19 You can tell us what it was. Yeah, exactly. That's all right.
[IT 513/1-024] 11:49:26 You do realize that I have been banned from the the Raoul Data center Because I run those teams break and the fear of me poking, something and being like, Well, what's this?
[IT 513/1-024] 11:49:41 So I'm already allowed in there
[IT 513/1-024] 11:49:55 You know you've made it when when you know it's just admins, Revoke your your actual
[IT 513/1-024] 11:50:02 Okay, Shall we have to do a short introduction to Geo.
[IT 513/1-024] 11:50:07 71 just for the people who don't. No, it's yet
[IT 513/1-024] 11:50:15 Huh! At least Guy left us, said that man. Yeah, she would.
[IT 513/1-024] 11:50:24 g, o, 7
[IT 513/1-024] 11:50:25 G. O. 17, sharing this one
[IT 513/1-024] 11:50:33 I just have a very brief introduction who doesn't know about Po.
[IT 513/1-024] 11:50:39 71 could you say its other name? The
[IT 513/1-024] 11:50:49 The human 10. We still did it
[IT 513/1-024] 11:51:00 Okay, has been a long time in the making
[IT 513/1-024] 11:51:10 This form you all know, and not art blueprint architecture.
[IT 513/1-024] 11:51:17 This is the unnotated one is an annotated version.
[IT 513/1-024] 11:51:20 That's and a mate, which is even nicer
[IT 513/1-024] 11:51:26 I'm not that skills in organizing information. I just put a couple of boxes around it.
[IT 513/1-024] 11:51:33 So we have standards for authentication, identity sources certify our offification profiles.
[IT 513/1-024] 11:51:42 There's Miss. There is educators, Raft. There is a lot there is.
[IT 513/1-024] 11:51:49 There are standards around the protection of credentials of it from 40.
[IT 513/1-024] 11:51:55 There's lots of stuff in Sb. 853, and on the bottom, and there's also 27 K.
[IT 513/1-024] 11:52:05 More sure defy and security response plans. There was nothing 4 this bit credential stores and deposit, so
[IT 513/1-024] 11:52:21 We wrote the Updated guideline for secure operations of attribute authorities and other issuers of access granting statements.
[IT 513/1-024] 11:52:31 That's too long and title. So that's why I like to o 70.
[IT 513/1-024] 11:52:35 One
[IT 513/1-024] 11:52:42 Structured around the concept of AA operators on AA operator can run 0 or more attribute authorities.
[IT 513/1-024] 11:52:52 That comply with this kind, as if they comply with.
[IT 513/1-024] 11:52:56 If you operator complies than all its attribute, authorities that are in scope also apply the same complex, so you can set up multiple attribute authorities in the same system
[IT 513/1-024] 11:53:11 Oh, it does that on behalf of one or more communities that are trusted by relying parties, and we went through about 50 or so simple.
[IT 513/1-024] 11:53:27 One line requirement statements like Amr one. It's the community mostly Find a document semantics, lifecycle data protection, release policy.
[IT 513/1-024] 11:53:36 That's true. Thought or asserted by D. A.
[IT 513/1-024] 11:53:39 A Yes, I's a simple statement. So that's what the community goes to.
[IT 513/1-024] 11:53:45 And then there's a bit of guidance below it on how you should actually interpret that, and very find out who self-assessed
[IT 513/1-024] 11:53:59 it should work for a range of scenarios. The traditional push model, which is, say, some attribute statements or forms attributes difficult, but also the full models should work so many years ago, through the service, and then the server.
[IT 513/1-024] 11:54:15 Stalks back to the AA traditional use. Cases are elder lookups or user info endpoints in Albany connect
[IT 513/1-024] 11:54:31 I think many of us are implement the recommendations implicitly to some extent, either because just the software does it like similarization assertions are typically signed.
[IT 513/1-024] 11:54:41 Jobs are typically signed by software because we have a pretty good data center and already has some central loving in place.
[IT 513/1-024] 11:54:50 You signed up to certify, because you can, and you have some trained it.
[IT 513/1-024] 11:54:56 Operations personnel that is actually not a boss which, looking after a certain
[IT 513/1-024] 11:55:05 all those are kind of intuitive, best practice, I would say.
[IT 513/1-024] 11:55:09 Look assigning a you unique and lasting name to a group or community, or your actually implement.
[IT 513/1-024] 11:55:20 The control starts. You're actually old to have documented.
[IT 513/1-024] 11:55:23 In the first place, So what did we do? We wrote guidelines.
[IT 513/1-024] 11:55:30 hey kiss, Major relied parties and infrastructures, reviewed it, and it got a and goorsed by.
[IT 513/1-024] 11:55:39 I just finding all of the proxy operators that are represented in Agus.
[IT 513/1-024] 11:55:47 So each yard check in at your teams. W. Osieg, ex exceed access all of that.
[IT 513/1-024] 11:56:00 it is also being used. As input for the Eosk collective proxies, as good practice, guidelines, what it actually in itself doesn't, as address, any assessment or review process just it says that you need to lock information and make it available for self assessment what is that in where does
[IT 513/1-024] 11:56:22 that recommendation kuriosk happen
[IT 513/1-024] 11:56:28 Whereas it encoded following. I've got Wiki somewhere.
[IT 513/1-024] 11:56:38 that's in the AA Federation requirements.
[IT 513/1-024] 11:56:40 I'm not sure that crystals already posted out that should comply with the security operational baseline.
[IT 513/1-024] 11:56:50 We should comply with the or precious straight requirements for AI federation; and as part of those registration requirements you should meet, certify, and Aos
[IT 513/1-024] 11:57:07 So that was my bit first version. The
[IT 513/1-024] 11:57:16 I'm going to share this one
[IT 513/1-024] 11:57:26 It's a fairly short document
[IT 513/1-024] 11:57:33 I'll pick in Snowmore. It's no more than 14 pages, of which a lot of the pages are explanatory text and definition of terms.
[IT 513/1-024] 11:57:42 And then on page. This is 5. The operational client start
[IT 513/1-024] 11:57:54 I think. Oh, but if you actually like the documentation for the self-assessment, it's no longer about 15 pages.
[IT 513/1-024] 11:58:02 I'm preferably shorter
[IT 513/1-024] 11:58:11 And we describe naming that'sute management and release attribute assertions. Operational environment key management, not for configuration, site, security metadata publication and assessment, and review, but the last one is mainly for the communities.
[IT 513/1-024] 11:58:40 Prophecy and confidentiality business, continue and disaster, recovery.
[IT 513/1-024] 11:58:45 And then some relying party obligations, I should do actually check the assertions.
[IT 513/1-024] 11:58:52 You can form an absolute authority
[IT 513/1-024] 11:58:59 This was the simple bit. Now I'm still hoping, but
[IT 513/1-024] 11:59:09 Real. Have some proxy operators on
[IT 513/1-024] 11:59:15 So I don't see nucleus or Francisco, but we do have phone.
[IT 513/1-024] 11:59:31 Oh, no, I know you want to say a few words about a certain one
[IT 513/1-024] 11:59:38 Yeah, terms of whether I think it already complies, or Oh, what specifically sorry Whether it complies or how you want to go for, or or a general introduction to what the proxy you have?
[IT 513/1-024] 11:59:56 A: Yeah. So we a running indigo young for the Wtg experiment.
[IT 513/1-024] 12:00:03 They are each integrated with just one identity provider, which is the serve identity provider, and we are operating on the model that everybody has a third account.
[IT 513/1-024] 12:00:13 So we're not really using federated identity at the user level, unfortunately.
[IT 513/1-024] 12:00:21 But this is what we have at the moment, and then in the future, potentially, we can stop giving send accounts to people and really use educated.
[IT 513/1-024] 12:00:29 But at the moment that's not the case that we're we're starting for what we have.
[IT 513/1-024] 12:00:33 so a user would come in through, send single sign on, and get to the Wtg.
[IT 513/1-024] 12:00:39 I am, instance, for whichever experiment they are. A part of this is integrated with the HR database at Zoom, so the person will have already done some identity, betting The one awesome we don't need to take care of any of the identity voting that's done in an advanced process where
[IT 513/1-024] 12:00:57 they normally, they do it in person. Identity checks, And so we can issue a blanket statement for the level of assurance for our people really and the similar way to the to the old CAs And But I know that's not the case though for every issue I who might have some varying levels
[IT 513/1-024] 12:01:17 of assurance for us. It's it's all Have a fairly simple use case with face to face.
[IT 513/1-024] 12:01:24 I'd love to see betting. We're deploying.
[IT 513/1-024] 12:01:28 The issue is on OpenShift, but it's not a segregated OpenShift.
[IT 513/1-024] 12:01:36 Server. Instance, so they're There are multiple things running on this and some of them are not critical services.
[IT 513/1-024] 12:01:41 So I think that's one area where we which currently failed the assessment, and something that I'll be looking into
[IT 513/1-024] 12:01:50 Otherwise everything looks fairly good. I did go through the document as well with Andrea before he left, and he didn't see anything particularly worrying about.
[IT 513/1-024] 12:02:00 It. So I think, I added, built in weather, does comply with this largely obviously depends how you deploy it but overall I think it would be not too much work to to do an assessment gradually short documents and put it in place right.
[IT 513/1-024] 12:02:26 Looks extremely helpful. Okay?
[IT 513/1-024] 12:02:36 notable.
[IT 513/1-024] 12:02:37 The other one running a proxy is probably phone
[Thomas Dack - STFC UKRI] 12:02:44 yeah, So we. So we are also running indigo. I am for Irs.
[Thomas Dack - STFC UKRI] 12:02:52 We do make more use of the Federation identities
[Thomas Dack - STFC UKRI] 12:03:07 I did. Just get. I go caught by someone saying there was a problem with it, and so I missed some.
[IT 513/1-024] 12:03:07 how are you?
[Thomas Dack - STFC UKRI] 12:03:14 Of what Hannah said, so
[IT 513/1-024] 12:03:20 I said, Everything's fine. Great looks wonderful
[Thomas Dack - STFC UKRI] 12:03:23 Yeah, I mean for the most part, ours is all fine as well.
[Thomas Dack - STFC UKRI] 12:03:31 But again, I can have a look at, and basically probably do some of what has just said
[IT 513/1-024] 12:03:42 I would really be in favor of trying to keep the assessment process and any documents that other result of it, as simple as possible, which I suppose has always been the AIM.
[IT 513/1-024] 12:03:55 But I think in the past things tended to be fairly verbose, and maybe this would be an opportunity to do things
[IT 513/1-024] 12:04:02 And you're ready as I showed you as possible, just factual statements trying to avoid too much language, evolved.
[IT 513/1-024] 12:04:13 Let's see this. I feel like we often get to a situation where we've written something that 2 outlines makes perfect sense.
[IT 513/1-024] 12:04:20 But then somebody else reads it in is completely lost So this will be an opportunity to make things understandable to people who are not part of these meetings.
[IT 513/1-024] 12:04:28 That would be. I mean something beyond the Gio document.
[IT 513/1-024] 12:04:35 Yeah, I I assume that each of us who run took an issue as we'll need to provide the stuff assessments.
[IT 513/1-024] 12:04:42 there is
[IT 513/1-024] 12:04:48 It's very nice to hear people say it's fine doesn't really tell us. Shouldn't we actually go through the requirements a document with a table that you just fill in.
[IT 513/1-024] 12:05:08 and of course what we've often done then for exponential CAs in the PMA is to have a presentation.
[IT 513/1-024] 12:05:14 Then somebody was, you know. Now do we need that? Or is that overkill the system?
[IT 513/1-024] 12:05:22 Coupling at the moment. We're still trying to learn what is easier to have a couple of people work together while writing the document.
[IT 513/1-024] 12:05:33 So when the the stretch sheet is done well, actually fill the spreadsheet and especially it's done.
[IT 513/1-024] 12:05:39 Actually the process is also done
[IT 513/1-024] 12:05:44 current self hold it because that can complete within essentially.
[IT 513/1-024] 12:05:50 One afternoon.
[IT 513/1-024] 12:05:54 But one of the great benefits of the body. This is the then each of the attribute authorities can learn from each other right so actually having sdfc uncertain okay, this that way, that's interesting.
[IT 513/1-024] 12:06:12 And as I said, even more importantly, do we need to multiply.
[IT 513/1-024] 12:06:15 Geo. 71. Is it not clear, is it Well.
[IT 513/1-024] 12:06:20 Yeah, And I think maybe one thing that is not clarified necessarily by the document is whether you need to take into account the trustworthiness of the identity providers upstream as well, probably hopefully, not because otherwise we'll never get anywhere.
[IT 513/1-024] 12:06:39 But I think it might need to be made expensive
[IT 513/1-024] 12:06:45 It's easy for you. Yeah, Yeah, but I already heard that we didn't comply with some of these things.
[IT 513/1-024] 12:06:51 At the sensible sign on there. Oh, even that Well, the first stage is to document.
[IT 513/1-024] 12:06:59 it is No, it was born mentioned.
[IT 513/1-024] 12:07:06 The operational environment is running into via This running does not comply suggested here.
[IT 513/1-024] 12:07:14 What's the effect that non-compliance?
[IT 513/1-024] 12:07:17 And there are probably very good reasons why you don't apply.
[IT 513/1-024] 12:07:19 It's not just just email, well, it's complex because of There has to be some some individual case.
[IT 513/1-024] 12:07:30 Analysis, rate, so, if really we're running a very small team of people to operate this, I me.
[IT 513/1-024] 12:07:36 And hopefully, one of the person who'll be joining at some point in the future.
[IT 513/1-024] 12:07:39 Is it more risky for us to, Is it more risky for us to set up our own capabilities cluster that would be managed fairly, amateurishly.
[IT 513/1-024] 12:07:49 Well for us to use an open shift custom and given that we might not have money to have more people available with the technical expertise and the time to dedicate to, it we, might have to choose doing these 2 options.
[IT 513/1-024] 12:08:03 And I hope you this could be used to put pressure on various faces to have the team well funded.
[IT 513/1-024] 12:08:09 But that might not be the case in all organizations that you have to make a decision between 2 or options which you know are not ideal.
[IT 513/1-024] 12:08:16 But does that mean that the token issue cannot be run there?
[IT 513/1-024] 12:08:20 Or I suppose you went through all this with self-assessments for the CAs as well
[IT 513/1-024] 12:08:27 The minds, people. I'll give the arguments we used to have with between firmware and yes, that right.
[IT 513/1-024] 12:08:33 Why should we buy really expensive? That's nothing.
[IT 513/1-024] 12:08:39 We've built a new building, right? That's a but
[IT 513/1-024] 12:08:45 It don't per 1 million building buildings at all. Ca.
[IT 513/1-024] 12:08:52 We're not expecting that ultimately. It's but no, it is this balance between trust them.
[IT 513/1-024] 12:09:04 It's up to the reliability whether they trust a token issue.
[IT 513/1-024] 12:09:07 Yeah, I mean it. If I was to inject some depression into this that I suspect affordability will be going up the priority list and then writing it.
[IT 513/1-024] 12:09:20 the security attack is also going priority list in all organizations that so it's a balance, right?
[IT 513/1-024] 12:09:26 People got to decide. There is a limits to it.
[IT 513/1-024] 12:09:31 So yes, but you know, if you've got your your argument would have to be the it is worth.
[IT 513/1-024] 12:09:36 You know the the benefit that we get is worth taking away, made deployable results is to to set up separate infrastructure, and to set up separate infrastructure properly He's very expensive, and I you know.
[IT 513/1-024] 12:09:51 The Yes, it's a decision. Running W Lct. Cost many hundreds of millions of Swiss francs a year. So don't tell me we can't default the like infrastructure for the critical identity somebody's got to work out, with, you can be surprisingly but you know if you want to
[IT 513/1-024] 12:10:09 do, a dedicated thing and actually have the phone support. Want.
[IT 513/1-024] 12:10:15 It is surprisingly expensive, because and I was saying, you know, if you've got a TV, 2 people, one and a half people, you've got, you've got risks and things there if if if one of them goes away and there is it does.
[IT 513/1-024] 12:10:29 It does cost, You know. This is surprising about costs for saying all to do something separately.
[IT 513/1-024] 12:10:35 we've got to do the right analysis. We're seeing a very strong trend that it's much easier to get money for running things in the cloud than it is to get.
[IT 513/1-024] 12:10:48 People, okay, Wish I think, is probably the case everywhere and this document should make it possible to run these things.
[IT 513/1-024] 12:10:54 How we run in the cloud. You still need. People So with some level, the security Yeah, no, I mean, we should not pre predict the outcome of any of this.
[IT 513/1-024] 12:11:14 But we should look at all
[IT 513/1-024] 12:11:32 good.
[IT 513/1-024] 12:11:35 That's all really useful, We're losing more participants now.
[IT 513/1-024] 12:11:43 maybe we should also have a look at lunch, and then, after lunch, and then we're moving rooms together.
[IT 513/1-024] 12:12:00 No, we hear all day. I think yeah, we stay here.
[IT 513/1-024] 12:12:05 Yeah, then, after lunch, we could actually go through the list with one local and friendly Aao Oprah: Joe, you want to volunteer?
[IT 513/1-024] 12:12:24 Yes, yeah, friendly.
[IT 513/1-024] 12:12:37 oh, damage! You think! Love them! I I I made it to oe too.
[IT 513/1-024] 12:12:43 Oh, it's This is literally the text from requirements.
[IT 513/1-024] 12:12:47 Yes, I have to do this. I do have to skip out at 2, probably for half an hour.
[IT 513/1-024] 12:12:54 so, if something else could be discussed at that point, that would be great, Or is Tom?
[IT 513/1-024] 12:13:01 Are you sure to me? Well, Tom slums over? Yeah.
[Thomas Dack - STFC UKRI] 12:13:02 I'm still here
[IT 513/1-024] 12:13:06 Do you want to try it as well
[Thomas Dack - STFC UKRI] 12:13:07 Yeah, I can. Do you hear it? Good.
[IT 513/1-024] 12:13:14 Great. Shall we try that out 2? We start off with UK IRIS going through the list, and then on them, and how it comes back when we go.
[IT 513/1-024] 12:13:27 You see
[Thomas Dack - STFC UKRI] 12:13:32 It's good to me
[IT 513/1-024] 12:13:35 thanks. Hope we'll have a 1 h, 30, 45 min.
[IT 513/1-024] 12:13:39 Break. I'm going to save the
[IT 513/1-024] 12:13:46 Transcript: Few. Full Transcript.
[IT 513/1-024] 12:13:59 See.
[IT 513/1-024] 12:14:11 Is he be full, transcript, saved even before then?
[IT 513/1-024] 12:14:16 Sure. Do you have Cloud? Amazing! The transcript now only starts at 1034, so we lost part of the transcript.
[IT 513/1-024] 12:14:35 That surely was there before in circuits. I anyone else click on save
[IT 513/1-024] 12:14:43 then then I do have please save it. Oh, that's it's not that much There's 20 min more than I have now Yeah, Well, it's mostly you go while I say it didn't know that the I think if you say everything.
[IT 513/1-024] 12:15:04 it's just something
[IT 513/1-024] 12:15:18 yeah.
[IT 513/1-024] 12:15:28 didn't know that
[IT 513/1-024] 12:15:29 Didn't know that the easy chip experience. No, it's supposed to chat.
[IT 513/1-024] 12:15:33 It's a transcript. Oh, the Transcript.
[IT 513/1-024] 12:15:36 Sorry I was setting the chat here. Sorry go Transcript Cool.
[IT 513/1-024] 12:15:40 That's another full time. So coach, you're still sorry I was.
[IT 513/1-024] 12:15:50 I was just on chat
[IT 513/1-024] 12:16:03 So the thing is if you close the transcript.
[IT 513/1-024] 12:16:08 indeed. That's completely fresh. Transcript.
[Ian Collier - STFC UKRI] 12:16:11 okay.
[IT 513/1-024] 12:16:16 So whoever saved the transcript, please send it to me.
[IT 513/1-024] 12:16:26 okay wasn't even to where we had a transcript, and wasn't the way that even Zoom was that friendship
[IT 513/1-024] 12:16:36 Okay.
[Ian Collier - STFC UKRI] 12:16:36 Oh, it has all the fancy things these days
[IT 513/1-024] 12:16:40 Oh, so we are kind of the fully monitor, the American.
[IT 513/1-024] 12:16:45 So, whoever? Oh, yeah, the Chinese as well, you're right.
[Ian Collier - STFC UKRI] 12:16:47 Chinese, I think, isn't it
[IT 513/1-024] 12:16:49 If by chance you have it, it makes really interesting transcripts, because at some point it said, you can baptize what you trust.
[Ian Collier - STFC UKRI] 12:17:00 Hmm.
[IT 513/1-024] 12:17:03 Yeah, even. The hmm is in
[IT 513/1-024] 12:17:09 4 point, 7 million people be good? Okay? Sure.
[Ian Collier - STFC UKRI] 12:17:09 Okay, I'm gonna leave you to it. I will see you later on.
[IT 513/1-024] 12:17:17 okay.
[IT 513/1-024] 12:17:22 This is scoopy still. Yes, yes, the latest going on.
[IT 513/1-024] 12:17:31 Yeah, he went up before in the okay. Seems to be that it never goes down.
[IT 513/1-024] 12:17:42 I don't think
[IT 513/1-024] 12:17:43 I don't think this could be yeah, so okay, unless they
[IT 513/1-024] 12:17:52 We can leave stop here. I think so. Yeah, and we can.
[IT 513/1-024] 12:17:56 I mean, lock the door. But it's accessible to anyone with an access card, so it's not completely locked.
[IT 513/1-024] 12:18:03 Seems to be relatively low. Risk-risk. Assessment says, Be fine and have you?
[IT 513/1-024] 12:18:13 Have you not seen whose offices are on? That? That's horrible.
[IT 513/1-024] 12:18:16 Yeah, unshared that. Okay, I would. Okay.
[IT 513/1-024] 12:18:27 pretty
[IT 513/1-024] 12:18:35 Again. I I yeah.
[IT 513/1-024] 12:18:47 and then.
[IT 513/1-024] 12:18:49 hmm.
[IT 513/1-024] 12:18:57 Yeah.
[IT 513/1-024] 12:19:04 The Product committee, Bryce, you see, is holy this evening.
[IT 513/1-024] 12:19:09 we are planning on. Hmm
[IT 513/1-024] 12:19:14 Okay.
[IT 513/1-024] 12:19:21 Well, we can lock the door, but anybody
[IT 513/1-024] 12:19:28 we can lock the door, but anybody with an access, bus can yeah
[IT 513/1-024] 12:19:32 Object.
[IT 513/1-024] 12:19:36 I used to learn that he had to cool
[IT 513/1-024] 12:19:56 nice nice it seems just refuge was doing yesterday.
[IT 513/1-024] 12:20:13 just shut it down, you know. Yeah, I'm gonna see you highlighting it 6 Well, I don't know whether I've messed it up.
[IT 513/1-024] 12:20:29 Thank you. Are we back in the center? Yes, and so multi-million.
[IT 513/1-024] 12:20:52 good to see you. Were you in the in the office next door about me?
[IT 513/1-024] 12:21:00 Okay, we'll see you later. You see, it's just me study. It's just reboot.
[IT 513/1-024] 12:21:06 Okay.
[IT 513/1-024] 12:21:11 Honestly, there's also one over in the engines today.