Hi Linda,
Ar 01.11.07 11:30, Scríobh Cornwall, LA (Linda):
> Maybe should add to one of the policy documents (not sure which one)
> something on the lines that users must not use resources to crack
> certificates or for any other research into circumventing security
> unless this is specifically allowed by the VO operations Policy.
> Possibly add to VO operations policy that members must not do this
> unless it is specifically allowed in the policy.
I don't think this is a good idea. As I see it, the issue isn't that
security/cryptography research is "dangerous" (any more than particle
physics or biomedical research!) but that it was, it seems,
inappropriate use of VO resources.
I notice that the Grid AUP already has a clause "2. You shall [...] not
(attempt to) breach or circumvent any GRID administrative or security
controls." but it's probably a bit of a stretch to apply that in this case.
Of course it also says "1. You shall only use the GRID to perform work,
or transmit or store data consistent with the stated goals and policies
of the VO of which you are a member and in compliance with these
conditions of use."
Kind regards,
David
--
Dr David O'Callaghan
Research Fellow - Grid-Ireland - WebComG - Computer Architecture Group
Department of Computer Science, Telephone: +353 1 896 1720
Trinity College, Dublin 2, Ireland Email: [log in to unmask]
|