WLCG DOMA BDT Meeting

Name: WLCG DOMA BDT Meeting
Start: 2025-08-20T16:00:00+02:00
End: 2025-08-20T17:00:00+02:00
Location: No location set

Wednesday 20 Aug 2025, 16:00 → 17:00 Europe/Zurich

Mihai Patrascoiu (CERN), Petr Vokac (Czech Technical University in Prague (CZ))

Description

Topic: WLCG DOMA BDT Meeting (twiki)

- 16:00 → 16:10
  
  News 10m
  
  Speakers: Mihai Patrascoiu (CERN), Petr Vokac (Czech Technical University in Prague (CZ))
- 16:10 → 16:30
  Tape + Tokens: Polling 20m
  - Focused discussion on the tape polling (part of the Tape + Tokens project)
  - Refresher: Unified Tape & Tokens Proposal (WLCG Workshop 2025)
  Speaker: Mihai Patrascoiu (CERN)
  
  DOMA_BDT_Tape_Tokens_Polling_20Aug2025.pdf
  Conclusion:
  
  Experiments / Frameworks happy to have separate stage and polling tokens
  
  Discussion on-going whether the polling token should have a dedicated scope or not
  
  For the moment, both ATLAS and CMS are happy to use a wide, long-lived storage.read:/ token for polling
  
  FTS implementation can continue with the separate stage + polling tokens approach
- 16:30 → 16:50
  WLCG Token Profile: "stage" modifications 20m
  - Focused discussion on modifications to the WLCG Token profile related to stage capabilities
  - WLCG-AuthZ-WG/common-jwt-profile#57
  Speaker: Maarten Litmaath (CERN)
  I would like to draw people's attention to a few PRs and open issues in the WLCG Token Profile:
  
  storage.stage - the latest proposed text looks fine to me:
  https://github.com/WLCG-AuthZ-WG/common-jwt-profile/pull/57
  → there were no objections to the proposed text. The separate scope for polling looks more likely to be called storage.poll than the generic name storage.stat. It was also pointed out that the text should clarify what stat operations are exactly.
  
  storage.read - is it also to be used for listing directories?
  (see the proposed sentence near the end of that same PR)
  → it was pointed out that listing directories on SEs is only useful in checking for dark or missing data, and that we may not want to force the read scope to be used at this time, when a separate list scope happens to be preferred eventually: better delay that decision for now and adjust the proposed text accordingly.
  
  storage.create - an updated description is proposed here:
  https://github.com/WLCG-AuthZ-WG/common-jwt-profile/issues/33
  → it was pointed out that some SE flavors (e.g. StoRM) currently do not allow create to be used for renaming files and that we may tolerate use of the modify scope for a few years, while SE flavors and DM clients implement the data integrity proposal (pages 15-21) presented at the WLCG-HSF Workshop in May; the proposed text is to be adjusted accordingly.
  → after further discussion, the description was finally updated as shown here.
  
  Current compliance with storage.create in our production infrastructure (online validation tests)
  
  (XRootD has very flexible configuration, good chance that EOS & Echo could be fixed just by updating configuration files)
- 16:50 → 16:55
  
  AOB 5m

Choose timezone

WLCG DOMA BDT Meeting