Dear all,
On 08.01.2008, at 08:06, Frank Siebenlist wrote:
This email describes a proposal to change the current host-
authorization processing in our different GT-clients (GT2, GT4,
myproxy-init, gridftp, etc.).
The end result would be a host-authorization processing that would
enable a more dynamic use of host dns mappings, and provide a
migration path to a (slightly) more secure form of host
authorization that doesn't rely on dns lookups.
Most of the discussions about the need for the reverse dns lookup
have been documented "over the years", and this "reverse dns
feature" has been discussed in many bars all over the world:
http://bugzilla.globus.org/globus/show_bug.cgi?id=318
http://bugzilla.globus.org/globus/show_bug.cgi?id=1753
Note that the proposed changes have not been implemented (yet), and
we're looking for feedback, thumbs up/down, comments, suggestions,
etc.
I think that this proposal addresses one of the biggest problems
Globus has at the moment. The proposed migration path is backward
compatible and opens the door for a more flexible use of Globus.
Therefore: a BIG thumbs-up from me!!
---
Servus, Helmut (DH0MAD) ______________NeXT-mail
welcome_________________
FAX: +49-89-35831-8623 "Knowledge must be gathered and cannot be
given"
[EMAIL PROTECTED] ZEN, one of BLAKES7
Phone: +49-89-35831-8823
________________________________________________
Dr. Helmut Heller
Leibniz-Rechenzentrum (LRZ)
Leader Distributed Resources Group (DRG)
Boltzmannstr. 1, Room I.2.043, D-85748 Garching, GERMANY
