Another week is over, so what did I do. I finally decided that OpenLdap is quite fast. After one whole night of benchmarking and a network load of 100%, the server was still rock solid. Not to mention the clients (See other post). So after that I started thinking about security and did some testes with TLS, SASL and certificates. This turned out to be incredibly slow. The initial setup cost of the encryption stands in no relation to the security it offers. I further implemented a server certificate so that the server can not be changed without the clients knowing. Which seams to only work with TLS. (I have to spend a little more time here) Further I finished the migration of my development cluster to ldap. So now all machines authenticate over ldap and it should work for all people at cern.
After asking a few people about my requirements document, I was happy to realise that Bournemouth Uni does actually teach you something. Really Ruth, Frank and Peter teach you something you will really need in a production environment. The guy here at Cern that writes quite a few requirements was quite impressed to see what I had come up with and quote "It is nice to see such a clean and good requirements document from a student" One thing they don't teach you at bmth is security, what is quite important here and should be everywhere. So I have to do some private study about that.
I spent some time having to migrate my loved tex and cvs combo to a shitty little twiki interface that doesn't allow comments in your twiki make up language and crashes on you all the time. Now I am spending hours counting spaces to get the bullet points right. And it is very slow. Just klicking on save takes 5 seconds in one case and in the other it crashes. Further it has no spell checker.
I did a little work on my project (ldap bench) but not even a cvs commit worth.
Posts
No comments:
Post a Comment