- Compact style
- Indico style
- Indico style - inline minutes
- Indico style - numbered
- Indico style - numbered + minutes
- Indico Weeks View
Help us make Indico better by taking this survey! Aidez-nous à améliorer Indico en répondant à ce sondage !
Topic: WLCG DOMA BDT Meeting (twiki)
NOTES
FTS wants to go with the token per (Storage, <src|dst>) approach, as opposed to a different token for each particular token.
It is the responsibility of the user to provide the appropriate credentials, similarly to how they do right now via the proxy certificate delegation.
FTS to introduce a delegation mechanism for tokens:
- Tokens will be delegated according to a (CredID, Storage, <src|dst>) tuple
- Clients will be able to delegate to "*" storage, a particular storage or (Storage, <src|dst>) pair
- The delegation endpoint will be adapted to also list a user's delegated tokens
CredID (credential ID) is a hash function of certain token fields. For the moment, that includes: "sub", "wlcg.groups" and "iss".
Should "scopes" be part of the CredID?
For convenience, FTS will provide transparent delegation via the command line tools. Example:
$ fts-rest-transfer-submit --access-token <token_for_fts> --src-token <src_token> --dst-token <dst_token> -s https://fts3-pilot.cern.ch:8446/ <src> <dst>
<token_for_fts> - created the CredID for the delegation
<src_token> - token to delegate for source storage
<dst_token> - token to delegate for destination storage
Meeting Notes
- Include "storage.*" scope in the CredID
- When does the token delegation end? Has to be defined
Dedicated meeting
Draft plan for networking mini-challenges and network related activities for this year:
https://docs.google.com/document/d/11AwUiyJit_241A4DfHbt-93Z-6BZ2CBwqMApoVXWpbk/edit?usp=sharing
Packet Marking WG meeting took place 24th of January (https://indico.cern.ch/event/1244448/) - focus of the meeting was to discuss plans for this year
Discuss with experts improvements in the error messages produced by failed transfers.