 |
 |
Hi Albert, Here is where to start: https://xrootd.slac.stanford.edu/doc/dev49/tpc_protocol.htm Andy On Wed, 9 Mar 2022, Albert Rossi wrote: > Well yes, then, we need to discuss this. I will need to know how to pass the secret key through from the destination server to the client on the destination side initiating the TPC with the source server. > > This is new to me. > > Al > > ________________________________________________ > Albert L. Rossi > Senior Software Developer > Scientific Computing Division, Scientific Data Services, Distributed Data Development > FCC 229A > Mail Station 369 (FCC 2W) > Fermi National Accelerator Laboratory > Batavia, IL 60510 > (630) 840-3023 > > ________________________________ > From: Wei Yang ***@***.***> > Sent: Wednesday, March 9, 2022 1:59 PM > To: xrootd/xrootd ***@***.***> > Cc: Albert Rossi ***@***.***>; Mention ***@***.***> > Subject: Re: [xrootd/xrootd] ZTN and Scitokens auth (Issue #1584) > > > robocert is not rendezvous key. It is something prior to x509 delegation so we no longer need robocert. rendezvous key is a time limited shared secret sent by the client to both endpoints, to facilitate TPC. It needs TLS. > Whether dCache want to support rendezvous key is something to be discussed. The primary TPC in HEP is http though not exclusive. The rendezvous key in xrootd is used where x509 infrastructure is not available (and likely the token infrastructure is also not available, somewhere outside of HEP). > When x509 goes away, in principle, we can use token for authentication and then use rendezvous key for TPC (to avoid a more complexed token chain reaction), though someone will say that token is only for authorization :-) > > ? > Reply to this email directly, view it on GitHub<https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_xrootd_xrootd_issues_1584-23issuecomment-2D1063312302&d=DwMCaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=60rQ0HHqHmEY1P6VSdyuTQ&m=9AJtCfH_GWBV-ISAUdgyoVCaVKkkAEMxEf1UiYHdGygxOsUYV-le4OHN1IX0EYr8&s=79dpk7QdguWHXF7Uf7JIbMQP1_j937XmHhMzSX6m0rY&e=>, or unsubscribe<https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_notifications_unsubscribe-2Dauth_AA6NBHHPKMGMGN645IRDVD3U7D7KPANCNFSM5LUMRMZQ&d=DwMCaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=60rQ0HHqHmEY1P6VSdyuTQ&m=9AJtCfH_GWBV-ISAUdgyoVCaVKkkAEMxEf1UiYHdGygxOsUYV-le4OHN1IX0EYr8&s=59RGVJA1GM6PYPjx7_1S8OHv3J05wt03Gy8LywWIktM&e=>. > Triage notifications on the go with GitHub Mobile for iOS<https://urldefense.proofpoint.com/v2/url?u=https-3A__apps.apple.com_app_apple-2Dstore_id1477376905-3Fct-3Dnotification-2Demail-26mt-3D8-26pt-3D524675&d=DwMCaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=60rQ0HHqHmEY1P6VSdyuTQ&m=9AJtCfH_GWBV-ISAUdgyoVCaVKkkAEMxEf1UiYHdGygxOsUYV-le4OHN1IX0EYr8&s=G8ij4cqcygzzIj9YrbnpNy90wtxmM-s7pt-CceXXNPM&e=> or Android<https://urldefense.proofpoint.com/v2/url?u=https-3A__play.google.com_store_apps_details-3Fid-3Dcom.github.android-26referrer-3Dutm-5Fcampaign-253Dnotification-2Demail-2526utm-5Fmedium-253Demail-2526utm-5Fsource-253Dgithub&d=DwMCaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=60rQ0HHqHmEY1P6VSdyuTQ&m=9AJtCfH_GWBV-ISAUdgyoVCaVKkkAEMxEf1UiYHdGygxOsUYV-le4OHN1IX0EYr8&s=wiDsyodE6mxPHCjER1rxypxKLt51SNgeEjgBACvIRxI&e=>. > You are receiving this because you were mentioned.Message ID: ***@***.***> > > > -- > Reply to this email directly or view it on GitHub: > https://github.com/xrootd/xrootd/issues/1584#issuecomment-1063346075 > You are receiving this because you were assigned. > > Message ID: ***@***.***> -- Reply to this email directly or view it on GitHub: https://github.com/xrootd/xrootd/issues/1584#issuecomment-1063426347 You are receiving this because you commented. Message ID: <[log in to unmask]> ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-DEV list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1