Campaign Leader: Rachana Ananthakrishnan

People: Deepti Kodeboyina
        Rachana Ananthakrishnan

Technologies: PURSe

Definition: 

The current implementation of PURSe requires that the MyProxy Server
be run on the same machine as the portal. The
"myproxy-admin-load-credential" command imposed the limitation. More
recent versions of MyProxy eliminates this and PURSe needs to be
upgraded to use it.

Also, recent versions of the MyProxy server provides CA functionality
and updating PURSe to use this would imply that that the CA signing
key need not be on the same machine as the portal.

Benefits:

The current installations of PURSe require the CA signing key and the
credential store be hosted on the same machine on which the portal is
run. This campaign will allow for mre secure PURSe installation by
allowing credentials and signing key to be stored in a separate, more
protected machine.

Deliverables:

(1) Upgrade and test with more recent version of MyProxy Server 
(2) Use myproxy-store rather than mypopxy-admin-load-credential to
store end entity certificates
(3) Test and update document to reflect use of remote MyProxy Server
(4) Investigate use of CA functionality from MyProxy Server
(5) Document API changes required 
(6) Add functionality to use CA functionality from MyProxy Server
(7) Update documentation and tests

Resources:

Deepti - 100% FTE, 3 weeks 
Rachana - Consultant