I've participated in or led a number of technical projects:
- The GridShib Project bridging Shibboleth, which is being broadly deployed on university campuses to support federated identity, to PKIs in use in the much of the computing research community. My goal being to help build a foundation for better integration between these communities. This project led to the CILogon project which will provide an Shibboleth-based PKI for the broader higher education community.
- Contributions to Grid Security, including helping define and standardize X.509 Proxy Certificates and GSSAPI Authentication for SSH among other advancements to Globus Toolkit security (GSI). I also developed the original implementation of MyProxy and later helped Jim Basney maintain and advance it.
- Designing, deploying and operating security infrastucture for large distributed scientific computing projects. Projects such as TeraGrid, MAEViz and OOI. I was heavily involved in TeraGrid, serving as the Area Director for Networking, Operations and Security for last year. Additionally, Jim Basney and I lead the architecture and operation of their single sign-on system and designed the security architecture for the Science Gateways program.
- In the early part of my career I worked on improving the performance of high-end networking applications and networks, in particular HIPPI. My User's Guide to TCP Windows is still frequently referenced. I also wrote a number of now very out-of-date network performance testing utilities as well as hippisw, a program generating routing tables for HIPPI switches.
I author three technical blogs on different subjects:
- Security Unwrapped: This is where I challenge myself to take complicated security topics and write about them in such a manner as to be understandable to the layperson. I find this a rewarding blog to write, but it takes a lot of time.
- My Ubuntu Experiences: Back in 2007 when I set up my home server I decided to keep a diary of my experiences - what worked, what didn't. And I decided to keep it on line as a blog as an experiment. It has served me well when I've run into problems a second or third time and based on comments and visits, it has helped others as well I'm happy to say.
- How did I do that? Any time I figure out some small challenge that I think someone else might benefit from (or I might in six months when I've forgotten myself), I put it here. Each post is a different issue with no relation to what came before.
In addition to participating in large computing projects, I've personally written a number of smaller pieces of software. As I'm a believer in open source, all are readily available. Some of the more interesting or substantial are:
- KRB525: A program for converting principals in Kerberos 5 credentials.
- pyVBox: A object-oriented wrapper around the python interface to Sun's VirtualBox virtual machine software.
- pydoc: A Ubquity module for searching Python documentation.
- vons-scripts: Collection of scripts I've written over the years.