WLCG AuthZ Call

Thursday 14 Sept 2023, 16:00 → 17:00 Europe/Zurich

Previous Actions:

• Action, Maarten: Start a VO information in token (for accounting purposes) discussion on the Mailing list late August to revisit and converge on a plan once summer holidays are more likely to be over
  • No need to follow up yet - just for tracking

Proposed agenda:

• Reminder: CHEP Paper, submission due 8th Sept
  • Edit link is in the mailing list - or email thomas.dack@stfc.ac.uk

 

Zoom meeting:

Link below, in the videoconference section. Please ensure you are signed in to Indico to see the meeting password!

Next Meeting: 

• September 28th

Participants: Lina, Hannah, Angela, Dimitrios, Stefano, John, Mischa, Julie, Petr, Roberta, Francesco, Jim, Petr, Andrew

Notes: 

Proposed agenda item from Mischa

Brief background: There have been different, independent calls for
unifying some or all of the profiles. I think BrianB brought this up a
while ago that we might unify WLCG and SciTokens. Recently we had Paul's
https://github.com/WLCG-AuthZ-WG/common-jwt-profile/issues/44 .
Meanwhile the AARC community WG is discussing how the format of e.g. the
groups could be changed such that it would be acceptable for WLCG and
still be interoperable. Another concern that has been raised, for
example, is by site admins who have serious worries about having to
support different profiles while even a single one can be challenging.
The plan for a single profile was also discussed in the AEGIS call last
Monday.

I personally hope and really think we should be able to get everyone to
agree on a single Grand Unified Token Profile and I think this would be
a really massive improvement for both resource and software providers.

• AARC is considering changing the format of the groups already (so it would be more compatible with WLCG)
• General consensus that merging would be good (discussed in AEGIS)
• Profiles: AARC/EGI, WLCG, SciTokens (minor differences between WLCG and SciTokens)
• Generally we probably have enough overlap with AARC and AEGIS (although last call was fairly empty)
• TIIME meeting planned in Jan - we should make some progress on the mailing list beforehand https://tiime-unconference.eu 
• app-int mailing list might be an appropriate place, but can also make a new one
• REFEDS is an option, but not necessarily very pro-oidc
• OIDF also an option
• Mischa will discuss further at upcoming HTCondor week