*Attending*
Chris Misra, U. Mass (acting chair)
Joe St. Sauver, Internet2/U. Oregon
Terry Gray, U. Washington
Ken Klingenstein, Internet2
Rodney Petersen, Educause
Deke Kassabian, U. Penn
Jack Suess, UMBC
Jim Pepin, Clemson
Steve Olshansky (scribe)
*Discussion*
-I2MM Debrief
AMSAC (Applications, Middleware, and Services Advisory Council), under which our work falls, convened its first meeting. http://www.internet2.edu/about/governance/advisorycouncils.html
The FWNA session was well attended, with several international participants on the phone. Key questions centered around working within the federated environment, while the engineering aspects seemed more baked.
It was observed that guest access solutions in use, while low tech and low LOA, seem to alleviate much of the incentive among campuses toward going this route.
- Performance and Security
On a recent call with the TeraGrid, it was reinforced that it is not a distributed pool of resources running a particular job in parallel, but rather a collection of resources which can be utilized individually on a directed/ arranged basis. Thus code which is optimized for a particular platform can be run on a resource most suitable to its needs. Given this environment, performance between the user and the particular resource in use becomes important, as does security.
The general perception among users is that their FTPs are too slow, but this is more likely due to stack-tuning issues on their workstations/systems v. network issues.
What are the primary customer pain points? Diagnostics become more important, and more complex and difficult, as computing environments become more distributed and more complex. Increasingly it is becoming hard to identify even where computing or data resources live, much less where problems are occurring.
Are the end-user issues more around near-real-time performance latency (e.g. how quickly pages load) than around network performance at the bulk FTP level (e.g. a large xfer taking 6 v. 8 hours)?
Many users are encountering problems with Vista (stack) auto-tuning, and as a result are disabling it and finding performance to be better without it.
Web services can be problematic from a performance perspective on an intra-campus level, and become much more so when they are inter-campus and thus more complex and harder to debug.
-Is a federation useful for promoting DNSSEC?
At the DNSSEC BoF at the I2MM the question arose whether a federation might be useful for promoting DNSSEC, e.g. as a vehicle for signing-key distribution?
Given that signing the root might not happen for a long time, if at all, and given that federation participants are already distributing information among themselves (e.g. metadata), could this existing trusted transport mechanism be useful in this context as a bootstrap for some aspects of DNSSEC?
DNSSEC Lookaside Validation (DLV) is currently operating as a means to facilitate DNSSEC adoption, could this federation approach also serve a constructive purpose?
Consensus on the call was that it is probably premature to pursue this approach, although it may be more viable in the future...
- Top ten prioritized security items discussion
=> Tabled for next call