>
> however, accessing the X509Certificates is only half the work. another
> thing that's unclear to me is the creation of a job-proxy. what does a
> client have to tell a service, so that the service automatically creates
> a X509_USER_{CERT,PROXY,KEY}? how is this implemented in the service?
>
> is it up to the DelegationListener to create the X509_USER{files}? does it
> have enough information at all, like job-cert and job-private-key, or should
> it create this information itself (can be done easily with e.g. a perl-script,
> but anyway...)? ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
oh. by the way. this is true only on the client machine. a job-proxy-can
only be generated when having access to the user-proxy-private-key, right?
this private key is (of course!) never sent to the web-service, thus, creating
a job-proxy from the web-service is impossible.
kind regards,
H.Rosmanith
