[unisog] PlanetLab

bukys at cs.rochester.edu bukys at cs.rochester.edu
Thu Jun 26 13:50:40 GMT 2003


I am a PlanetLab PI at the University of Rochester.

Yes, placement of PlanelLab nodes does bump up against the edge of how
accountable I can be regarding a machine I don't actually administratively
control.

It is worth a discussion at each institution.


At my institution I have told our network/security admins to feel free
to shoot first and ask questions later, should anything suspicious appear.

I think that the PlanetLab AUP, aiming for a
lowest-objectionable-denominator, is reasonable as long as there is
somebody diligently maintaining that standard, and our standards are all
reasonably similar.  The PlanelLab administrators are alert and diligent,
and have built in more identify-the-originator functionality than most
of us have at our disposal on our own machines.

As a PI, my delegation of sys admin responsibility to PlanetLab and my
ability hold them accountable feels like a fine decision to date.  As for
the users, on our normal machines, we often provide "guest" accounts to
colleagues and collaborators both within our institution and without,
and this does require sponsorship.  Really, the social expectations and
controls I have over remote PlanetLab researchers (even with delegated
and distributed account creation) are probably stronger than the controls
I have over our own students or our internal inter-departmental guests.

If we have problems, I think they will be resolvable.  If we have
frequent problems, we can always revisit.  I am expecting problems to
be infrequent.

Note that within the last day or so the PlanelLab
admins shut down an experiment based on scriptroute
http://www.cs.washington.edu/research/networking/scriptroute/
as a PlanetLab AUP violation.


P.S. the correct URL is http://www.planet-lab.org/ (note the hyphen).



More information about the unisog mailing list