LHC Computer Grid - Rollout
> [mailto:[log in to unmask]] On Behalf Of Oxana Smirnova
said:
> Well, SSL is good, but the steepest Web growth curve was achieved year
> or two before SSL was reasonably implemented, at least on the client
> side. Hmm, maybe that's where it started to slow down? :-)
The most rapid growth was probably the day the second site was added :)
LCG has gone from 1 site to 120 or so in 18 months, I doubt it will grow
at that rate ever again ...
> And by the way, what's
> percentage of sites that rely on SSL? Must be single digits, if not
less.
A lot of those sites will have only a small number of users, though. In
any case, sites that don't use ssl are usually making that choice
because they don't need it, I doubt there are many commercial sites
without ssl (well, there are e.g. some hotel sites without it where you
have to phone or fax your card number, but that's not very
user-friendly). There are a few grid use cases where anonymity is OK,
but not many.
> > I could say it the other way around: without security
> > you could *only* do anonymous things, and that's pretty limiting.
>
> Oh, no, it's *freedom* :-) Given that anonymous clients are
> accepted by the services.
But that will only be for the limited number of things which can be done
anonymously. E.g. you can go into a library to read a book anonymously,
but you can't take it home with you; if you want the freedom to do the
latter you have to accept that you need a library card.
> Let me give an example: what's limiting, is
> that you have
> to carry your passport when you cross from UK to France, and you might
> be even kicked out if it is expired. While the real great
> thing is that
> you can cross from Germany to France absolutely anonymously, and still
> be able to do your shopping. Well, perhaps you see it other
> way around.
France would probably *like* to have secure borders, but with a long
land border it's just impossible - much in the way that sites might like
to block port 80 but can't. Conversely, the UK has border security but
nothing internal, no ID cards, registration of addresses, tracking of
movements ... you can even go to Ireland without checks. At the moment
the grid is similar, get a certificate and get added to a VO and you can
do anything. But the UK is thinking of changing, and the grid probably
will too ... I've seen this described as castles vs airports. One builds
strong walls and tries to keep everyone out, but once you're in you're
trusted. The other accepts that pretty much anyone can get in, and has
internal checks to control access to specific areas according to need.
> Oh, really? Haven't seen any commercial Grid yet, matching what has
> grown in our quite academic environment. You (?) once correctly noted
> that our Grid is not hacked *yet* because it is fairly obscure, being
> largely a toy of just few scientists from a quite narrow
> community. So we enjoy so far the same luxury as internet once did.
But the internet had something like 20 years to grow without hackers,
and even the web had 5 years or so. LCG has been fortunate to have 18
months, I wouldn't bet on it lasting another 3 years ...
Stephen
|