User:Wvengen@nikhef.nl/JGridStart

Using a computing grid requires authorisation and authentication. This is managed by asymmetric cryptography with client-side SSL certificates. Setting it up requires some expertise. jGridStart attempts to provide that, enabling you to quickly proceed to actually using the grid.

jGridStart is currently being developed. I expect the first version to be ready somewhere in May 2009.

Planned features

• user-interface
  • both graphical user-interface for easy usage by unknowledgeable users
  • and command-line interface for cli addicts and testing.
  • the application should detect the state of affairs and present sensible actions only
  • working on multiple platforms: Linux, Windows, Mac OS X at the least
• single point-of-entry for management of grid certificates, including
  • requesting a new certificate
  • installing certificates into different parts of the system (like internet browsers)
  • rekeying an (almost expired) certificate
  • sending revocation requests
  • switching between different certificates (like the default certificate in your ~/.globus)
  • importing/exporting a certificate for transfer
• security checks
  • validate permissions of private keys
  • require passwords on places where private keys is stored
  • require passwords to pass a minimum strength test
  • check certificates against revocation lists
• adaptable configuration so it can be deployed by other parties with moderate effort
  • location of web forms for interaction with certificate authority
  • content and properties of user's certificate
  • name and organisation texts

Related software

• SpectroGrid2 with a java web start based certificate manager (also here)
• JaBaCATs Java Basic Certificate Authority Tools
• Portecle - GUI to create, manage and examine keystores, keys, certificates, requests, revocation lists and more.
• KeyTool IUI the cryptography GUI tool
• gridshib-ca contains a java web start tool that installs user certificates muchlike jGridStart, but with a minimal user interface.