Discussion/comments on the data model/workflow (see slides for details):
- Except for the HLT farm, the X.509 credentials of the proxy are still accessible to the user (could be isolated using Singularity)
- No user proxy/credential for the job: the job only has a job token, used to get a data access token from the central service
- Custom protocol on the storage side:
  - ALICE-specific protocol, no standard, but code is public
  - Additional configuration required for sites (XROOTD plugin)
- Two models possible (can be combined):
  - Jobs get all data access at start-up, with an extended expiration date
  - Jobs continuously ask central service for tokens, with shorter expiration date
- File deletion might be blocked (not required by standard jobs; it was not clear during the meeting whether this is implemented)