perfsonar development work

[Cándido Rodríguez Montes <>]

Hi Nina,

El 31/05/2008, a las 7:49, Nina Jeliazkova escribió:

Hi Candido,

The client, directly communicating with the web service (e.g. perfsonarUI) will need to use certificates or user credentials, in order to use the secure connection. Will  these will be different from GIdP authentication?  If using certificates, could you clarify the procedure to issuing certificates and ensuring each perfsonarUI user have a valid one?

No, you don't need to specify any certificate for the secure connection which it is generated "on-the-fly" by TLS (although you could specify which credentials you want to use). The certificate is different from GIdP authentication but the one used for https is a business of TLS.

I've made some tests with Axis1 and it works with a server with "https" without changing anything in my code. My AS is also available at https://homer.rediris.es:8443/perfSONAR-AS/services/AuthService

Regards

Best regards,

Nina

Nicolas Simar wrote:

Hi Roman, Nina and David,

Cándido Rodríguez Montes wrote:

Hi Nicolas and Loukik,

as perfSONAR MDM 3.0 is going to be installed by european NRENs, I would like to know if they are/will be deploy their services over http or https.

Https is not a requirement for the authN process but it is helpful for replying attacks, even the authN hasn't been part of perfSONAR!

what would be the impact on the

1) the web-service development if we were to use https (none?)

2) on the visualisation (the way they access the web-service).?

So, in case perfSONAR services are reached by http, we should ask them to move it to https.

Thanks a lot.

Nicolas

Regards

-- 

Cándido Rodríguez Montes E-mail: <>

Middleware warrior Tel:+34 955 05 66 13

Red.ES/RedIRIS

Edificio CICA

Avenida Reina Mercedes, s/n

41012 Sevilla

SPAIN

--

Cándido Rodríguez Montes E-mail: 

Middleware warrior Tel:+34 955 05 66 13

Red.ES/RedIRIS

Edificio CICA

Avenida Reina Mercedes, s/n

41012 Sevilla

SPAIN