Reply to this email directly, view it on GitHub, or unsubscribe.
Triage notifications on the go with GitHub Mobile for iOS or Android.
You are receiving this because you commented.
Well, i believe it does because that's what the code allows. Indeed, you are correct that the user should use TLS to transmit the token via the URL. Unfortunately, nothing stops the user from not using TLS. I suppose we could test for the presence of 'authz' cgi in the client and force using TLS if it's there. I think the basic problem is that there is no defined way of how a user gets a one-off token, is there? ATLAS (and likely CMS) plans on having Rucio add the authz to the UR before handing back to the user who asked for it. Well, that's the idea anyway. Like I said, I have no issues of pointing to the ztn token from the SecEntity object. My question is whether the ztn token is valid for all file accesses the user wants to make; and if so, doesn't it make it a fat token?
—
Reply to this email directly, view it on GitHub, or unsubscribe.
Triage notifications on the go with GitHub Mobile for iOS or Android.
You are receiving this because you commented.
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1