Difference between revisions of "User:Wvengen@nikhef.nl/JGridStart"
From PDP/Grid Wiki
Jump to navigationJump to search (add planned features) |
(change description; update planned features) |
||
| Line 1: | Line 1: | ||
| − | Using a [http://en.wikipedia.org/wiki/Grid_Computing computing grid] requires authorisation and authentication. This is managed by [http://en.wikipedia.org/wiki/Asymmetric_cryptography asymmetric cryptography] with client-side SSL certificates. | + | Using a [http://en.wikipedia.org/wiki/Grid_Computing computing grid] requires authorisation and authentication. This is managed by [http://en.wikipedia.org/wiki/Asymmetric_cryptography asymmetric cryptography] with client-side SSL certificates. Currently, setting this up requires the user to [http://ca.dutchgrid.nl/guide/ go through] [http://www.dutchgrid.nl/agenda/askArchive.php?base=agenda&categ=a042&id=a042s3t2/moreinfo several steps] that can by quite daunting to some. jGridStart attempts to ease this process with automation and a graphical user-interface, enabling you to quickly proceed to actually using the grid. |
jGridStart is currently being developed. I expect the first version to be ready somewhere in May 2009. | jGridStart is currently being developed. I expect the first version to be ready somewhere in May 2009. | ||
| Line 17: | Line 17: | ||
** switching between different certificates (like the default certificate in your ~/.globus) | ** switching between different certificates (like the default certificate in your ~/.globus) | ||
** importing/exporting a certificate for transfer | ** importing/exporting a certificate for transfer | ||
| + | ** changing the private key passphrase | ||
* security checks | * security checks | ||
** validate permissions of private keys | ** validate permissions of private keys | ||
Revision as of 12:02, 18 March 2009
Using a computing grid requires authorisation and authentication. This is managed by asymmetric cryptography with client-side SSL certificates. Currently, setting this up requires the user to go through several steps that can by quite daunting to some. jGridStart attempts to ease this process with automation and a graphical user-interface, enabling you to quickly proceed to actually using the grid.
jGridStart is currently being developed. I expect the first version to be ready somewhere in May 2009.
Planned features
- user-interface
- both graphical user-interface for easy usage by unknowledgeable users
- and command-line interface for cli addicts and testing.
- the application should detect the state of affairs and present sensible actions only
- working on multiple platforms: Linux, Windows, Mac OS X at the least
- single point-of-entry for management of grid certificates, including
- requesting a new certificate
- installing certificates into different parts of the system (like internet browsers)
- rekeying an (almost expired) certificate
- sending revocation requests
- switching between different certificates (like the default certificate in your ~/.globus)
- importing/exporting a certificate for transfer
- changing the private key passphrase
- security checks
- validate permissions of private keys
- require passwords on places where private keys is stored
- require passwords to pass a minimum strength test
- check certificates against revocation lists
- adaptable configuration so it can be deployed by other parties with moderate effort
- location of web forms for interaction with certificate authority
- content and properties of user's certificate
- name and organisation texts
Related software
- SpectroGrid2 with a java web start based certificate manager (also here)
- JaBaCATs Java Basic Certificate Authority Tools
- Portecle - GUI to create, manage and examine keystores, keys, certificates, requests, revocation lists and more.
- KeyTool IUI the cryptography GUI tool
- gridshib-ca contains a java web start tool that installs user certificates muchlike jGridStart, but with a minimal user interface.
