[126] in Zephyr Mailing List
Re: dredging InterRealm Zephyr back out of the swamp...
daemon@ATHENA.MIT.EDU (Victor Dmitri Schoeman)
Fri Jun 3 15:15:48 1994
Date: Fri, 3 Jun 1994 15:11:25 -0400 (EDT)
From: Victor Dmitri Schoeman <vs0r+@andrew.cmu.edu>
To: zephyr@MIT.EDU
In-Reply-To: <9406030021.AA00365@squeamish-ossifrage.mit.edu>

Derek Atkins <warlord@MIT.EDU> writes:
> I have a hacked zhm (and clients) that allow cross-realm
> communications. It is a gross hack that doesn't scale.
> (Unfortunately the CMU hacks to the zephyr server, which scale much
> better than my code, disallow subscriptions with tickets from a
> "remote" realm, something I consider a bug :-)

I consider this the correct way to handle inter-realm. If you
consider aspects of scalability you will realize that each client in
each realm should not go through each server for each realm.
Otherwise the servers would end up being incredibly overloaded. The
way we do this is have your subscriptions go through your local server
which subscribes to the other realm's server on your behalf. The way
this is enforced is not allowing users from other realms to subscribe
to your server directly.

> Also, the CMU servers only provide transitive authentication, not true
> authentication. This means that you have to trust the remote zephyr
> server not to lie to you about the person who wants to authenticate to
> your zephyr realm, since all interrealm subscriptions are done via the
> zephyr.zephyr@REALM key.

Yes, this is the case. But this strikes me as reasonable. First
based on rationality; at least here at CMU, we keep our servers behind
locked doors and restrict root access to them. The second issue is,
again, scalability. Verifying authentication of a broadcast zephyr is
much better done once on the server of the sending realm than once by
each party receiving the zephyr in the distant realm.

> FYI: My hack really isn't interrealm zephyr. It is more appropriately
> named multi-realm zephyr, since it allows people on the host running
> my zhm to talk to many different realms at the same time, and
> subscribe to messages in and send messages to any realm that is known,
> providing the authentication exists.
>
> Dmitri: is there any way to remove the call to sender_in_realm()
> from your zephyr server? ;-)

As said before, by John, no, this is not a bug, and not deserving of
being fixed. It is a fundamentally critical issue with respect to
scalability.

> -derek
>
> Derek Atkins, SB '93 MIT EE, G MIT Media Laboratory
> Member, MIT Student Information Processing Board (SIPB)
> Home page: http://www.mit.edu:8001/people/warlord/home_page.html
> warlord@MIT.EDU PP-ASEL N1NWH PGP key available

Dmitri
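
A toy model of the arrangement discussed in this message, added here as an example and not taken from the original post or from the Zephyr or CMU server code. The class, realm, and user names are constructed, and the behaviour given to `sender_in_realm` is an assumption based on how the thread describes the check.

```python
from dataclasses import dataclass, field

def realm_of(principal):
    return principal.rsplit("@", 1)[1]

@dataclass(eq=False, repr=False)
class RealmServer:  # constructed toy model, not Zephyr source code
    realm: str
    peers: dict = field(default_factory=dict)      # realm name -> RealmServer
    subs: dict = field(default_factory=dict)       # (realm, class) -> subscribers
    delivered: list = field(default_factory=list)  # (recipient, claimed sender, class)
    auth_checks: int = 0                           # user authentications verified here
    def principal(self):
        return f"zephyr.zephyr@{self.realm}"
    def sender_in_realm(self, who):                # assumed meaning of the check
        return realm_of(who) == self.realm
    def is_peer(self, who):
        return any(p.principal() == who for p in self.peers.values())
    def subscribe(self, who, cls, realm=None):
        realm = realm or self.realm
        if realm == self.realm:   # direct: local users or a peer server only
            ok = self.sender_in_realm(who) or self.is_peer(who)
        else:                     # remote class: relay once under the server key
            ok = (self.sender_in_realm(who) and realm in self.peers
                  and self.peers[realm].subscribe(self.principal(), cls))
        if ok:
            self.subs.setdefault((realm, cls), set()).add(who)
        return ok
    def send(self, sender, cls):
        if self.sender_in_realm(sender):
            self.auth_checks += 1                  # verified once, in the sender's realm
            self._fan_out(self.realm, sender, cls)
    def _fan_out(self, origin, claimed, cls):
        for who in sorted(self.subs.get((origin, cls), ())):
            if self.is_peer(who):                  # one copy per subscribed realm
                self.peers[realm_of(who)].receive(self.principal(), origin, claimed, cls)
            else:
                self.delivered.append((who, claimed, cls))
    def receive(self, from_server, origin, claimed, cls):  # transitive authentication
        if self.is_peer(from_server) and realm_of(from_server) == origin:
            self._fan_out(origin, claimed, cls)

def demo():
    cmu, mit = RealmServer("CMU"), RealmServer("MIT")    # constructed realms and users
    cmu.peers["MIT"], mit.peers["CMU"] = mit, cmu
    direct = cmu.subscribe("alice@MIT", "help")          # cross-realm, direct
    relayed = mit.subscribe("alice@MIT", "help", "CMU")  # through the local server
    cmu.send("bob@CMU", "help")
    return direct, relayed, mit.delivered, cmu.auth_checks, mit.auth_checks
```

In this model the receiving realm never verifies the sending user itself; it delivers whatever sender name the authenticated peer server supplies, which is the trust assumption the thread is debating.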