### HTTP TF Meeting 23rd March

- Present


- Review of tickets.

The TF has assigned over 70 tickets, with 20 still outstanding. Major structural issues have been solved and now we have problems related to stability. All problematic sites have tickets assigned.

The ETF system will go in to production with SAM3 in the near future. The TF agreed that this transition can be used to move the probe from the TF responsibility into the experiment space. The group which created the probe (IT-ST at CERN) will continue to support it. The 'TF rota' mailing list will remain available so that tickets can be assigned there if necessary.

Belle-II (Silvio) asked about whether they could profit from the monitoring infrastructure. Oliver suggested they assemble a summary of WLCG services they are interested in and go to the WLCG MB with that.

Belle-II asked about advice for optimising HTTP performance on dCache after some tests they did which showed a penalty wrt xroot. Silvio will contact dCache and report to the TF any advice he receives.

- New endpoints

Are there still endpoints which should be added to the monitoring? Georgios has found 35 sites in AGIS which are not registered as supporting HTTP. Some do however respond on 80/443. Georgios will compile a list for Atlas. If they are added to the monitoring, Atlas will alert the TF first.

Discussion on the TF approaching non-HTTP sites. The list to approach will be purely Atlas so no decision to do this.

- The probe

Review of modifications to the probe.

Timeouts - the hard timeout, after which the service is 'critical', was extended from 30s to 100s as this is triggered by storage overload and we are trying to concentrate on HTTP related problems. TF agreed to keep the current 10s (soft) and 100s (hard) timeouts.

Crls - the probe is running without consulting crls, as a race condition was discovered which caused failures when the client read these in in one order rather than another, with the order being dictated by the directory, which changed every time the crls are updated. The issue was only detected with the Terena CA, which has a large number of intermediate CAs.

Encrypted access - no need to demand plain HTTP on disk servers, if performance is adequate it would be OK to be encrypted.

401 when deleting non-existing file - dCache issue, fixed in latest releases.

Expect: 100-continue - probe has been updated to use this logic, which is essential when dealing with large files.

Ciphers - certain ciphers, eg RC4, are not accepted by modern clients. Older servers (eg SL5-based), do not support more modern ciphers. While everything runs fine with standard SL6 clients, things like curl/Ubuntu or Chrome may fail with a kind of 'no cipher overlap' error. TF decided to implement detection of this condition in the probe and run it 'offline' to see how many sites are affected, then decide whether it should be made a mainstream test. Action -> Georgios.

- Remaining business

TF decided that the move of ETF to production will represent the end of TF responsibility for monitoring. Apart from assuring this transition, making modifications already noted, and handling any new sites that appear in the meantime, the TF will conclude at that point.

TF decided to assemble the 'HTTP access monitoring' material as a separate doc but not to pursue the remaining questions until a concrete implementation is underway. Action -> Oliver. Material is currently in the minutes of the 15th July meeting.

TF decided to leave the 'HTTP support for WLCG' doc with its remaining questions and to reconsider these issues when an implementer needs clarification.

There is an option on the table to continue the storage provider collaboration beyond the end of the TF. No providers had joined the meeting, nor reacted to the request for feedback, so no endorsement for this from the TF.