WLCG AuthZ Call

Thursday 16 Nov 2023, 16:00 → 17:00 Europe/Zurich

Previous Actions:

• Action, Maarten: Start a VO information in token (for accounting purposes) discussion on the Mailing list late August to revisit and converge on a plan once summer holidays are more likely to be over
  • No need to follow up yet - just for tracking
• Action, Mischa: Mischa to look to setup a "neutral" mailing list to facilitate cross-community discussions around unified token profile
  • Completed - email inviting WLCG AuthZ to register has been sent

Proposed agenda:

• DC24 Workshop reporting
• GUTS - meeting doodle, and update

 

Zoom meeting:

Link below, in the videoconference section. Please ensure you are signed in to Indico to see the meeting password!

Next Meeting: 

• Nov 23rd

Present: Tom D (Notes), Linda C, Mischa S, Enrico V, Matthew D, Maarten L, Angela CB, Julie M, Berk B, J G, Federica A, Mine AC, David C, Roberta M

Apologies: John SdS, Dave D

Proposed agenda:

• DC24 Workshop reporting
• GUT - meeting doodle, and update

Notes:

GUT: list can be signed up here https://mailman.nikhef.nl/mailman/listinfo/gut-profile
Doodle for first meeting to be closed tomorrow, 17th November
If you have not previously joined, you may check the archive for previous emails.

DC24:
Timetable with slides: https://indico.cern.ch/event/1307338/timetable/#all.detailed 
A few token presentations were covered and how they were planned to be used.
Clear not everything was crystalized at this stage, but no obvious showstoppers.
Maarten pointed out that whilst it is an important milestone, it is just a milestone - it is important for using the full token machinery in realistic conditions, and to use this to identify areas things may fall down. Then, simplifications can be used, or compromises made before drawing conclusions and next steps following "post-mortem" and wrap-up meetings.
DC24 chairs will present summary at Tuesday's management board - Maarten will forward the agenda to the AuthZ mailing list after the meeting so people can check and understand details.
This will then be presented in the December GDB.

Next IAM update:
Issue found with the next 1.8.3 version
Issue pertaining to a dependency - was not found within the internal tests, and relates to the VOMS proxy endpoint.
Maarten suggests using the CERN test/dev instance for deployment testing - Berk notes that with this case, he tested the IAM endpoints but did not test the VOMS endpoints.
Enrico suggests using the CNAF WLCG instance for testing the release candidate, noting that this has VOMS endpoints in use. 
Berk to look to test the next release candidate using the CERN dev instance - if given admin access will be able to test VOMS endpoints also. 
Maarten, Berk and Enrico to look at move this forward.

Maarten:
Will go through profile pull and merge requests to check status. Believes a number of these will be easy and will be simple merges. 
This includes the previous discussion of precedence of Scopes over Groups at the service level. This is implemented by DCache, however the pull/merge has not yet been updated.
The outcome here is an updated version of the profile - which will need a discussion around the 1.2 or 2.0 naming needed.
Some cases it has been pointed out - noting FTS - that the profile does not currently match reality. 

 

Decision made to cancel the meeting on the 23rd. 

Next meeting 14th December.