[1449] in java-interest


Re: Third Party Library Loading

daemon@ATHENA.MIT.EDU (John D. Mitchell)
Sun Sep 3 07:49:47 1995

Date: Sun, 3 Sep 1995 01:11:41 -0700
From: "John D. Mitchell" <johnm@emf2-003.emf.net>
To: gandalf@viman1.viman.com (Matt Cline)
Cc: java-interest@java.sun.com
In-Reply-To: <9508310547.AA04108@claudius.viman.com>

Matt Cline writes:
[...]
> If you have a native method that you want people around the net to use,
> give the source code for the native method to someone running a
> "trusted host".  This person will go over the code with a magnifying
> glass, fine-toothed comb and what-not to make sure that it only does
> what it's supposed to do, and doesn't do anything sneaky.  Once they are
> sure of this, they compile the code and put it onto their host.
> 
> If you download an app which needs to use a native method, it goes to one
> of the trusted hosts to get it.  This would require several changes to
> the browser.  One would be to allow it to download native methods from
> a trusted host (the list of trusted servers could be hardcoded or in a
> config file).  The other would be some way of letting the browser know that
> the class it's trying to load has native methods in it, and also a way of
> telling the browser which trusted host it should go to to retrieve that
> class.  I don't really know how this could be done.
> 
> Would this have even a chance of working?

Hmm...

1) How is the 'trusted' host list generated?

2) How do you 'protect' that 'trusted' host list from being tampered with?

3) The end user client site can still be spoofed (unless there's a 'secure'
   way to authenticate and verify the integrity of communications with the
   'trusted' hosts).

4) The whole concept of having trusted hosts is a bit unsettling.  Single
   points for people to attack, spoof, etc.  This seems very much the same
   discussion as with, e.g., the PGP encryption key distribution problem.  Would
   the same sort of solution work?

Take care,
	John

-
Note to Sun employees: this is an EXTERNAL mailing list!
Info: send 'help' to java-interest-request@java.sun.com
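
Added example, not part of the original message or of any Java release: a sketch contrasting a host allow-list check with a signature check on the library bytes themselves, for the spoofing concern in point 3. The class name, host name, byte strings and the choice of SHA256withRSA are assumptions made for illustration; the reviewer key pair is generated inline only so the demo runs offline.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Set;

public class NativeLibTrustDemo {
    // Constructed allow-list of "trusted hosts" (hypothetical name).
    static final Set<String> TRUSTED_HOSTS = Set.of("trusted1.example.org");

    // Check 1: trust by origin. True for any response that claims a listed host.
    static boolean hostIsTrusted(String claimedHost) {
        return TRUSTED_HOSTS.contains(claimedHost);
    }

    // Check 2: trust by content. Verifies the reviewer's signature over the bytes received.
    static boolean signatureIsValid(PublicKey reviewerKey, byte[] lib, byte[] sig)
            throws GeneralSecurityException {
        Signature verifier = Signature.getInstance("SHA256withRSA");
        verifier.initVerify(reviewerKey);
        verifier.update(lib);
        return verifier.verify(sig);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        // Reviewer side: sign the compiled library after the code review.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair reviewer = kpg.generateKeyPair();
        byte[] reviewed = "constructed bytes standing in for the reviewed library"
                .getBytes(StandardCharsets.UTF_8);
        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(reviewer.getPrivate());
        signer.update(reviewed);
        byte[] sig = signer.sign();

        // Client side, case A: the reviewed library arrives unchanged.
        System.out.println("A host check:      " + hostIsTrusted("trusted1.example.org"));
        System.out.println("A signature check: "
                + signatureIsValid(reviewer.getPublic(), reviewed, sig));

        // Client side, case B: different bytes arrive, still labelled with the trusted host.
        byte[] substituted = "constructed bytes standing in for a substituted library"
                .getBytes(StandardCharsets.UTF_8);
        System.out.println("B host check:      " + hostIsTrusted("trusted1.example.org"));
        System.out.println("B signature check: "
                + signatureIsValid(reviewer.getPublic(), substituted, sig));
    }
}
```

The host check passes in both cases while the signature check fails for the substituted bytes. The client still has to obtain the reviewer's public key from somewhere it trusts, which is the key distribution question raised in point 4.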
