<snip>
>> The extra overhead in doing authentication is no worse than the each
>> client contacting the server directly as would be the case without a
>> proxy. So, that argument is moot. In fact, most sites employ a simple
>> authentication scheme between a proxy and a server which makes the
>> overhead negligible compared to the downside of serializing all the
>> traffic through a single physical socket.
>
> It looks like Alja is using X509.
Yes, our proxy is going out into the federation, pre-fetching data for local
consumption. Traditionally, proxies were fronting a storage farm invisible to
the outside world ... so servers were configured to trust the proxy.
Matevz
<snip>
########################################################################
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1
|