[442] in Zephyr_Comments
Re: class/instance mechanism
marc@ATHENA.MIT.EDU (marc@ATHENA.MIT.EDU)
Sun May 20 19:32:57 1990
I'm wary of supporting "marc@ATHENA.MIT.EDU subscribes to
WATCH.MIT.EDU:message.personal". My perception is that from anywhere
running zephyr, someone should be able to zwrite marc@ATHENA.MIT.EDU
and I should get the message, no matter what realm I'm logged into.
For this reason, I think that personal messages should always be
handled by the zephyr server(s) in the home realm of the user. Even
if it means warping messages across long, slow networks more times
than might be necessary.
In general, I think that JFC.MIT.EDU:message.personal.jfc@ATHENA.MIT.EDU
shouldn't exist. It's too hard to find a specific person.
I would like to see the following conceptual pieces (syntax to be
clawed over later :-):
field 1: zephyr realm
field 2: /foo/bar/baz/quux
field 3: recipient (kerberos principal, or empty for broadcast)
The library would give you an error if the realm part of 3 didn't
match 1.
I like ken's idea of a subscripion to filsrv/cyrus/u2/lockers/games
covering all initial subsets of that. There should also be
wildcarding: I should be able to subscribe to anything sent to
filsrv/cyrus/*. The server internals aren't too bad: Lets say
everything is stored as a tree, with nodes (IP address/port pair) at
any level in the heirarchy. (Assume hash table for efficiency.) When
I sub to filsrv/cyrus/u2/lockers/games, and someone sends to
filsrv/cyrus, the server finds filsrv/cyrus in the tree, then does a
recursive descent to determine all the recipients. Alternately, if I
sub to /filsrv/beeblebrox/*, and someone sends to
/filsrv/beeblebrox/site/assassin, the server would find everyone who
is "wildcard subbed" to all ancestors of the actual message: /*,
/filsrv/*. /filsrv/beeblebrox/*, etc. This all make sense, I think
:-)
You can only subscribe to messages where your kerberos principal is ==
3, or where 3 is broadcast.
On to acls:
An acl should be able to occur at any node on a tree. The acl should
apply to the entire subtree under it, unless it is overridden by
another acl. Acls should be placed on subscriptions in general,
wildcard subscriptions, and sending. This allows completely
restricted instances (for lack of a better word), restricted to
sending by only certain people, and not allowing wildcard subs to
certain trees (like /*, or /login/*).
There. I've propose something vaguely complete. Rip it apart :-)
