The Divine Tragedy: J. Jensen, STFC Chief Soapbox Officer

Begin the creation of a masterpiece by J. Jensen, STFC Chief Soapbox Officer. Delve into the world of global e-infrastructures, authentication processes, and the complexities of certificates. Explore the challenges, innovations, and technical nuances in the realm of digital security and identity management. Witness a poetic narrative intertwined with the intricacies of modern technology and the pursuit of excellence in the Department for Mad Science.

• Poetry
• Technology
• Authentication
• Innovation
• Certificates

averl Follow

Uploaded on Apr 12, 2025 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

Presentation Transcript

1. SOAP-box, or the Divine Tragedy J Jensen, STFC Chief Soapbox Officer 31 Jan 2017

2. Non il mondan romore altro chun fiato di vento, ch or vien quinci e or vien quindi, e muta nome perch muta lato Department for Mad Science

3. IGTF successfully connecting global e- infrastructures Authentication Documented processes (APs, RAs) Lots of things learned the hard way GFD.225, rollover, withdrawing a CA, expiring a CRL Often against silly or unexpected constraints Occasional innovations E.g. RPDNS Department for Mad Science

4. Certificates are (technically) strong credentials Something you ve got Something you know Exceptionally well established decades old tech Work with Everything Delegation (only through proxies) Revocable (except for proxies) Work well with the right tools E.g. Globus, CertWizard Department for Mad Science

5. La dimanda onesta se de seguir con l opera tacendo Department for Mad Science

6. Other cases than authentication Digital signatures Robot AAs Technical limitations The grid is an experimental science Long lifetimes Both good and bad Department for Mad Science

7. Are the hard things always done right? DR, ROBAB E.g. changing signing algorithm Self audit Online CA Offline root Department for Mad Science

8. Non ragioniam di lor, ma guarda, e passa Department for Mad Science

9. Certificates are difficult (i.e. tools that we use) Still need for PMAs Creaking parts, high inertia infrastructures Obscure error messages Somewhat clumsy revocation model Lots of opportunities for delays Department for Mad Science

10. Lamor qui muove il sole e laltre stelle Department for Mad Science

11. Connecting stuff will remain popular E.g. IoT, HAN VPN, Device onboarding non-trivial E.g. connecting EGI, EUDAT, PRACE, ELIXIR, Very interesting, but Where s the use case? Proxying (in the AARChitecture sense) popular Lots of clever people on board Department for Mad Science

12. RCauth Potential to certificate EUDAT, EGI Easier connections to other e-infrastructures Department for Mad Science

13. Questo misero modo tegnon l anime triste di coloro che visser sanza nfamia e sanza lodo Department for Mad Science

14. Some (proposed) innovations E.g. RFC 6962 Trust Anchor mgmt TAMP Max s thing E.g. SAFE (arxiv.org/abs/1701.06562) Best/open innovation doesn t always win Department for Mad Science

15. Careful(?) deployment of Innovations Extended EE models Cloud host != host For and against innovations Can weaken things (baby, bathwater) Can improve things Department for Mad Science

16. Tu stesso ti fai grosso coi falso imaginar, si che non vedi ci che vedresti se l avessi scosso. Department for Mad Science

17. The need to understand what we do Documented processes Intended improvements that make things worse The need to improve what we do Without reinventing wheels We need to innovate for both sides Good guys and bad guys Department for Mad Science

18. Certain commercial operators (No one present in this room, obvs ) Department for Mad Science

19. Improvement More applications areas Driven by infrastructures (e.g. robots) More usable Driven by users More secure, more insecure Multi-LoA Defence against the Dark Arts Ongoing Department for Mad Science

20. Competing technology E.g. GridFTP via OAuth Not against tech but against the goodenoughism Business interest in blockchains Solution looking for a problem? FIM Moonshot Needs critical mass Lack of time/effort/skills for proper impl. Department for Mad Science

21. Incontanente intesi e certo fui che questa era la setta d i cattivi a Dio spiacenti e a nemici sui. Department for Mad Science

22. Unknown unknowns The grid as an experimental science Infrastructure threats Funding (lack of) Random attackers Bear principle Department for Mad Science