Glidein not relying on HTCondor file transfer
With the use of tokens, there is no more an x509 proxy forwarded from the CE to the job (Glidein) via some alternative mechanism.
The tokens, including the one used by the glidein to authenticate back to the pool, are sent via an encrypted condor file transfer.
These are small, so they do not cause significant load, but they are necessary.
If something breaks (like in a recent accident w/ an ARC CE, https://support.opensciencegrid.org/public/tickets/aa67f18c18cae2ce21b5e1865ca8692d3f7acfcdfd2b854dab5e960ecd1f8010), then the Glidein is failing.
We introduced a new dependency.
We should evaluate the possibility to remove that, e.g. by adding a key as a command-line attribute or encrypted attribute in the HTCondor job, and using that to decode the secrets downloaded from the already existing Web servers on the Frontend and Factory.