 |
 |
> All sites typically configure their servers to requires some kind of authentication irrespective of what is being sent on the wire (e.g. TPC). If that is the case, then clearly, server to server cmmunications need to authenticate as well. Understood - is there a way to specify within the xrootd configuration, that *only* for TPC being on the wire, a different `sec.protocol` is being applied? I don't find that in the documentation. If there is no way yet, would this be a useful new feature? Otherwise, I don't see how Grid usecases can be covered securely as things are now. The straightforward solution would be to enable "unix", which is not save - a secure way would be to give all servers robot certificates in addition to their hostcerts. Of course, the final path to use is not a problem of xrootd, but rather something DDM should figure out and solve. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/xrootd/xrootd/issues/694#issuecomment-384422535 ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-DEV list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1