Focus on: 
Login

EUGridPMA 63

Europe/Zurich
2/R-030 (CERN)

2/R-030

CERN

30
Show room on map
Description

Please be aware that an INDIGO IAM Hackathon will be held at CERN the following week https://indico.cern.ch/event/1460011/

Accommodation

  • An economic option is the CERN Hostel, which can be booked via this form
  • There are many hotels in Geneva and near Geneva Airport, all of which are easily accessible via the Tram 

Directions to CERN

On the CERN website you can find directions to CERN.

Public Transport

Transports Publics Genevois (TPG) provide good coverage of the area. If you are staying in a Hotel (not the CERN Hostel) you will be given a complementary travel card. Tram 18 takes you between CERN and the City Centre with a 'Billet Tout Genève validité 60''. Tickets can be purchased from machines at each stop. 

Minutes (collaborative)
Registration
Participants
Register
Participants
  • Baptiste Grenier
  • Berk Balci
  • Daniel Kouřil
  • David Groep
  • David Kelsey
  • Derek Simmel
  • Eisaku Sakane
  • Ian Collier
  • Jose Carlos Luna Duran
  • Lidija Milosavljevic
  • Maarten Kremers
  • Marcus Hardt
  • Mischa Sallé
  • Nicolas Liampotis
  • Scott Rea
  • Tom Dack
  • +7
EUGridPMA 63
Zoom Meeting ID
69932140028
Host
Hannah Short
Useful links
Join via phone
Zoom URL
  • Wednesday 5 February
    • 09:15 09:30
      EUGridPMA+: Welcome, agenda, minutes last meeting, note taker, introductions 15m
      Speaker: David Groep (Nikhef National institute for subatomic physics (NL))
      63-EUGridPMA-Geneva-intro.pdf
      63-EUGridPMA-Geneva-intro.pptx
    • 09:30 10:20
      T&I in GEANT 5-2 50m
      Speaker: Mr Maarten Kremers (SURF)
      2025-02-05 GN5-2 T&I overview.pdf
    • 10:20 10:45
      IGTF fabric updates: status of authorities and trust fabric news 25m
      Speakers: Cosmin Nistor, David Groep (Nikhef National institute for subatomic physics (NL))
      EUGridPMA-StateOfTheFabric-20250205.pdf
      EUGridPMA-StateOfTheFabric-20250205.pptx
    • 10:45 11:15
      Coffee 30m
    • 11:15 11:45
      GEANT Trusted Certificate Service Gen 5 30m
      Speaker: David Groep (Nikhef National institute for subatomic physics (NL))
      TCSGen5-update-20250205.pdf
      TCSGen5-update-20250205.pptx
    • 11:45 13:00
      Lunch 1h 15m
    • 13:00 15:00
      Token-based operations - security discussion 2h
      Speakers: David Kelsey (Science and Technology Facilities Council STFC (GB)), Hannah Short (CERN), Maarten Litmaath (CERN), Dr Mischa Sallé (NWO-I Nikhef)
      Kelsey-5feb25.pdf
      WLCG - Token Lifetime for Queued Scenarios.pdf
      • Assume that (at least physics) workflows all go through a workflow manager
        • Sven: make sure that direct submission is not possible in that case
      • Having a refresh token on the WFMS is not ideal fpr several reasons
        • Petr: too many token requests to IAM (believe that it cannot handle the throughput) 
        • Luna: only know if IAM is available at the point when you want to refresh (at that point it's too late) 
      • No list of trusted token issuers permitted on the grid. This is done by the experiment publishing which issuers it uses. 
        • What should an issuer need to do to get on this list? Several policies. 
        • Luna: Such a list could also be used for revocation? Revocation of an entire issuer (would require a semi automatic way for software to read the list)
      • Token issuer can effectively block itself by stopping publishing its JWKs
      • Mischa: Suggestion that JWKs be hosted separately to the issuer - benefit to security as otherwise JWKs would be compromised at the same time the issuer compromised
        • Maarten: Brian B has also suggested a CDN
        • Mischa: SciTokens puts them in github
      • There should eventually be 1 token issuer per VO plus probably issuers for WFMS

       

      Actions

      • Create list of trusted issuers, including what has to happen to be on the list
    • 15:00 15:30
      Tea 30m
    • 15:30 16:55
      AARC Architecture - token profiles and life times 1h 25m
      Speakers: Marcus Hardt (KIT), Marcus Hardt (Kalrsruhe Institute of Technology), Dr Mischa Sallé (NWO-I Nikhef), Thomas Dack, Mr Tom Dack
      Token Lifetime DIscussion
    • 18:00 20:00
      Dinner 2h

      Luigia Meyrin (a short walk from CERN or from Hospital de la Tour tram)
      Table booked for 15 name Hannah

  • Thursday 6 February
    • 09:30 10:00
      Developments in the Asia Pacific and the APGridPMA 30m
      Speaker: Dr Eisaku SAKANE (National Institute of Informatics)
    • 10:00 10:45
      DCVOTA and Elm 45m
      Speaker: Derek Simmel
    • 10:45 11:15
      Coffee 30m
    • 11:15 12:00
      AARC Policy Coordination and AARC-TREE: policy development planning 45m
      Speakers: David Groep (Nikhef National institute for subatomic physics (NL)), David Kelsey (Science and Technology Facilities Council STFC (GB))
      AARC-TREE-WP2-Policy-20250205.pdf
    • 12:00 13:30
      Lunch 1h 30m
    • 13:30 15:00
      AARC I082 trust frameworks 1h 30m
      AARC I082 trust frameworks draft document (AARC TREE D2.1)
    • 15:00 15:30
      Tea 30m
    • 15:30 17:00
      Wallet ecosystem - new federation models in AARC TREE 1h 30m

      Wallets and VCs, Gov eID assurance, and new models

  • Friday 7 February
    • 09:15 10:30
      Proxies - transparent or opaque? 1h 15m
    • 10:30 11:00
      Coffee 30m
    • 11:00 12:00
      AARC PDK - structure and re-organisation 1h
    • 12:00 13:00
      Lunch 1h
    • 13:00 14:30
      AARC and federation ISGC planning 1h 30m
    • 14:30 14:45
      Closing 15m
Powered by Indico v3.3.6-pre