perfsonar-user - Re: [perfsonar-user] Certificate communication : perfSONAR
Subject: perfSONAR User Q&A and Other Discussion
List archive
- From: Mark Feit <>
- To: HADJALI Mehdi <>, "" <>
- Subject: Re: [perfsonar-user] Certificate communication : perfSONAR
- Date: Tue, 1 Feb 2022 18:46:53 +0000
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=zsbYgYC0KtcQ0LmSwHCaTXwF1vNJakn7I+2kb81gSqM=; b=EprUUObBFw/Z6XkGqvz1Q+c/d7OdewuYbFwNnKaQJ/c8W3hWjVhoNsnRE5GAp5GnZZUPDJ9CL5MwmgQ0iLK3kCh4f0m/VU7LL0OliMlR48zGmXtinRYNd7mnxjUfdX4NwOL7qacW9riQz+1sOxvb0HUBrzPpYU+q59C1wj+oHXNFhBjIS0jP3KgZCMVliILFHlgRI7lhwGtlWLXYs0FMYzNLnMGuLsESjmqnlauabcl9/pCqIg0slXWQ3LJIlQqEj+FMWev0UoHi3mINBIfSWQc1JStixLM+u5VseJd2+F5wUrrSPrdXxmtGupBuejxxvk3V8Cz/c7hNBu1bV5cBfQ==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=B0dbaVQ2xnAlXU5QrTQnc80+txd55Ju6dWFGbOTygPI6byscNsGm7ylEh9lfcZ9EO4Ayw6BQWip4ROmCk9oNtpUhHos0Iz6tWpXy1wRLEjtw3QtTtNESC/We4pkNHyRDfSHz+Ya/NC94MjvEYA+Qu72W+eNb5joSX8auxY0UWRYjLqFl09CP9vE1Z8KSSy6xZHt99xzkMYbW3fEJMIP7BtWsYMpMqhqCu0KaAjVVph3b5q7483WzXeZrDbptRzYjdPoYCIDcIz8U61jUIG/U9BD7YSlvBbABziJAGak5rySCzxcz+L0VN67BxSzL+z96vs8cykesFedvC9w/DNwTLg==
- Msip_labels: MSIP_Label_7bd1f144-26ac-4410-8fdb-05c7de218e82_Enabled=True;MSIP_Label_7bd1f144-26ac-4410-8fdb-05c7de218e82_SiteId=8b87af7d-8647-4dc7-8df4-5f69a2011bb5;MSIP_Label_7bd1f144-26ac-4410-8fdb-05c7de218e82_SetDate=2022-02-01T12:37:41.0000000Z;MSIP_Label_7bd1f144-26ac-4410-8fdb-05c7de218e82_Name=FR Usage restreint;MSIP_Label_7bd1f144-26ac-4410-8fdb-05c7de218e82_ContentBits=3;MSIP_Label_7bd1f144-26ac-4410-8fdb-05c7de218e82_Method=Standard
|
HADJALI Mehdi writes:
I would like to take in place certificates for communication between different perfSONAR instances.
For my example, perfSONAR instances can be communicate with each other with TCP 5201 (iperf3)
I search to encrypt/secure this flow with certificate.
Generally, we’re limited by what the tools that actually carry out the measurements can do since we don’t maintain them.
For iperf3 specifically, the pScheduler plugin will, as of release 4.4, generate a unique private/public key pair, username and password for each measurement. That’s the extent of what iperf3 will let us do.
pScheduler communicates with other pSchedulers via HTTPS using self-signed certificates. We could add provisions for requiring verifiable certificates but nobody’s asked for it.
--Mark
|
- [perfsonar-user] Certificate communication : perfSONAR, HADJALI Mehdi, 02/01/2022
- Re: [perfsonar-user] Certificate communication : perfSONAR, Mark Feit, 02/01/2022
Archive powered by MHonArc 2.6.24.