About SLCS (Short Lived Credential Service)
The SLCS is a service that issues short lived X.509 credentials based upon successful authentication at a SWITCHaai Identity Provider.
This service presents from the user's point of view an X.509 certificate factory that issues him/her a certificate with which he/she can access grid resources. The certificate is accepted by the international grid policy management authorities (IGTF), and therefore the certificate can be used most existing grid infrastructures.
The advantages of using SLCS certificates over long-lived certificates are their ease of use, namely:
- the user doens't have to keep track of where he copied his/her certificates between hosts
- he/she only needs to use his SWITCHaai federation account to obtain a certificate, thus he has to maintain one credential less
- he/she does not have to take care of the expiration, resp. renewal of the certificates. He/she simply requests a new one.
- as the SLCS is accredited by the international grid policy management authorities (IGTF), the certificate is recognized by all grid resources, where the IGTF certificate bundle is installed.
In order to receive the certificate, the user must execute a command on the host, from where he/she intends to access grid resources. He/she then receives the certificate and its associated private key after successful authentication. This certificate can be used until it expires, 11 days after it has been issued.
For a detailed description, click here.