[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Where should port rights go?
|
From: |
Farid Hajji |
|
Subject: |
Re: Where should port rights go? |
|
Date: |
Thu, 16 Nov 2000 04:05:07 +0100 |
> Many ways to implement port rights come to mind. Here are some ideas:
<snip>
9. port-rights entirely managed by concerned parties:
* every communicating party is uniquely identified by its
sender-id/receiver-id. This information is provided by
the kernel/libmom and is considered trusted.
* port rights are managed by each party like this:
1. sender that whishes to give out a port right generates a
random id, saves that id in an internal table and sends
this it out to the recipient.
2. recipient uses this id in subsequent communications with
sender or with third parties, also caching the id in its
own table.
3. the third party can check the port right by asking the
originator to verify the random-id.
* random-ids should be timestamped and stamped with their intended
use by their originators before being sent out. Such stamps could
be used by other parties for verification purposes.
* port rights can be inherited and moved along by adding more and
more stamps to them.
+ distributed scheme that does not require any central authentication
authority.
+ fast generation and verification of rights
+ traceability through stamps.
- slight chance of forgeability by clients that poll every random-id
from a server (guessing id's).
-Farid.
--
Farid Hajji -- Unix Systems and Network Admin | Phone: +49-2131-67-555
Broicherdorfstr. 83, D-41564 Kaarst, Germany | address@hidden
- - - - - - - - - - - - - - - - - - - - - - - + - - - - - - - - - - - -
Murphy's Law fails only when you try to demonstrate it, and thus succeeds.