
Re: TASL



Brian,

BEC> Seriously, there is obviously a very close relationship (the actual
BEC> protocol exchanges would be like those in MAST and NOID, so I didn't
BEC> spell them out). But when I re-read MAST I don't see it clearly stated that
BEC> a separate, reliable, and secure transport connection is used to carry the

separate:  yes.

reliable: the spec calls for retransmission with exponential backoff.

secure: the current spec calls for a random string, to protect against
obvious within-session spoofing.

Doing more than this requires carefully deciding among tradeoffs for
cost and benefit. TLS is an easy, reasonable choice, but the overhead of
a TCP connection gets a little scary when the scaling effects of having
every host-pair do this are considered.


BEC> exchanges - that is suggested as an option at the end of the MAST security
BEC> considerations, but it is basic to TASL. And I don't see any need to use
BEC> XMPP as you suggest in MAST. So I'd argue it's a simpler approach, but
BEC> clearly closely related.

The question is whether there is need for a dynamic rendezvous service.
It is offered as an adjunct, not core, capability in MAST, in order to
support situations with mobile servers.

d/
--
 Dave Crocker <mailto:dcrocker@brandenburg.com>
 Brandenburg InternetWorking <http://www.brandenburg.com>
 Sunnyvale, CA  USA <tel:+1.408.246.8253>, <fax:+1.866.358.5301>