[4385] in arla-drinkers
New Rx security model
daemon@ATHENA.MIT.EDU (Derrick Brashear)
Sat Aug 30 11:07:10 2008
From arla-drinkers-bounces@stacken.kth.se Sat Aug 30 15:07:10 2008
Return-Path: <arla-drinkers-bounces@stacken.kth.se>
Delivered-To: arla-drinkers-mtg@bloom-picayune.mit.edu
Received: (qmail 14697 invoked from network); 30 Aug 2008 15:07:10 -0000
Received: from mx2.kth.se (130.237.48.98)
by charon.mit.edu with SMTP; 30 Aug 2008 15:07:10 -0000
Received: from localhost (localhost [127.0.0.1])
by mx2.kth.se (Postfix) with ESMTP id 8F8E9109708;
Sat, 30 Aug 2008 17:07:08 +0200 (CEST)
X-Virus-Scanned: by amavisd-new at kth.se
Received: from mx2.kth.se ([127.0.0.1])
by localhost (mx2.kth.se [127.0.0.1]) (amavisd-new, port 10024)
with LMTP id dWWcwDHYCs3q; Sat, 30 Aug 2008 17:07:04 +0200 (CEST)
Received: from tapas.stacken.kth.se (tapas.stacken.kth.se [130.237.234.140])
by mx2.kth.se (Postfix) with ESMTP id 0AB9F10813E;
Sat, 30 Aug 2008 17:06:46 +0200 (CEST)
Received: from tapas.stacken.kth.se (localhost [127.0.0.1])
by tapas.stacken.kth.se (Postfix) with ESMTP id 4385751D80;
Sat, 30 Aug 2008 17:06:46 +0200 (CEST)
X-Original-To: arla-drinkers@tapas.stacken.kth.se
Delivered-To: arla-drinkers@tapas.stacken.kth.se
Received: from brev.stacken.kth.se (brev.stacken.kth.se [130.237.234.84])
by tapas.stacken.kth.se (Postfix) with ESMTP id 83C3851D80
for <arla-drinkers@tapas.stacken.kth.se>;
Sat, 30 Aug 2008 17:06:44 +0200 (CEST)
Received: from mx3.kth.se (mx3.kth.se [130.237.48.97])
by brev.stacken.kth.se (8.12.10/8.12.10) with ESMTP id m7UF6h1G002843
for <arla-drinkers@stacken.kth.se>;
Sat, 30 Aug 2008 17:06:44 +0200 (MET DST)
Received: from localhost (localhost [127.0.0.1])
by mx3.kth.se (Postfix) with ESMTP id CB77569733
for <arla-drinkers@stacken.kth.se>;
Sat, 30 Aug 2008 17:06:38 +0200 (CEST)
X-Virus-Scanned: by amavisd-new at kth.se
Received: from mx3.kth.se ([127.0.0.1])
by localhost (mx3.kth.se [127.0.0.1]) (amavisd-new, port 10024)
with LMTP id OmZUXw-b6uS9 for <arla-drinkers@stacken.kth.se>;
Sat, 30 Aug 2008 17:06:34 +0200 (CEST)
Received: from yw-out-2324.google.com (yw-out-2324.google.com [74.125.46.29])
by mx3.kth.se (Postfix) with ESMTP id E614768022
for <arla-drinkers@stacken.kth.se>;
Sat, 30 Aug 2008 17:06:33 +0200 (CEST)
Received: by yw-out-2324.google.com with SMTP id 5so115916ywh.51
for <arla-drinkers@stacken.kth.se>;
Sat, 30 Aug 2008 08:06:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
h=domainkey-signature:received:received:message-id:date:from:sender
:to:subject:mime-version:content-type:content-transfer-encoding
:content-disposition:x-google-sender-auth;
bh=9o1jeSUZG3P4tNbYBGjr8/clFIsTEmhK4tgWvscqMkw=;
b=nUqzukgVCho2/EiJn5PaOwIyNaJxreLKq5nqrf/DPONQtBqDCcociwiBT5IMelqFUf
xRvV473Y7hRekvsw1FsYeSx7mHMIOb1CG+gs+pGMqkSlOTdUXe/vOTxAWt06kZh38xJs
zaVJPvJWneM/mMHUzlZaop3IVfSN1E1PWIrPw=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
h=message-id:date:from:sender:to:subject:mime-version:content-type
:content-transfer-encoding:content-disposition:x-google-sender-auth;
b=ru6NvHEYQnsXZH8FjLbNLf16JjIhHYbCtSujEdhpko2tg1WWWe9/vMQ9woLR2Zp2GV
UeHdIHz5OBt7DFJN/3T6SBXIRnUSLjw3SWZfDjKwVhy+EMKi3SZMMjYC9CKMpMZxSWAx
VSKMa8pxbpsRPk8Bf+0zq9/8vXTC2Jz4BRDqQ=
Received: by 10.150.220.19 with SMTP id s19mr5824313ybg.182.1220107245458;
Sat, 30 Aug 2008 07:40:45 -0700 (PDT)
Received: by 10.151.48.18 with HTTP; Sat, 30 Aug 2008 07:40:45 -0700 (PDT)
Message-ID: <db6e3f110808300740k3e3251bco6251efcd7aa331ef@mail.gmail.com>
Date: Sat, 30 Aug 2008 10:40:45 -0400
From: "Derrick Brashear" <shadow@dementia.org>
To: "OpenAFS Devel" <openafs-devel@openafs.org>, arla-drinkers@stacken.kth.se
Subject: New Rx security model
MIME-Version: 1.0
Content-Disposition: inline
X-Google-Sender-Auth: 33710eada1b78793
X-BeenThere: arla-drinkers@stacken.kth.se
X-Mailman-Version: 2.1.6
Precedence: list
List-Id: Arla discussions <arla-drinkers.stacken.kth.se>
List-Unsubscribe: <https://lists.stacken.kth.se/mailman/listinfo/arla-drinkers>,
<mailto:arla-drinkers-request@stacken.kth.se?subject=unsubscribe>
List-Archive: <http://lists.stacken.kth.se/pipermail/arla-drinkers>
List-Post: <mailto:arla-drinkers@stacken.kth.se>
List-Help: <mailto:arla-drinkers-request@stacken.kth.se?subject=help>
List-Subscribe: <https://lists.stacken.kth.se/mailman/listinfo/arla-drinkers>,
<mailto:arla-drinkers-request@stacken.kth.se?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: arla-drinkers-bounces@stacken.kth.se
Errors-To: arla-drinkers-bounces@stacken.kth.se
A gentleman by the name of David Beck has given us a pointer to work
he has done on a new security model for Rx. I cannot vouch for it yet
as I have not completed a review of those code, however I will do so
and encourage other interested parties to do the same.
David says:
The rt0d4 (Random Thoughts On Distributed Algorithms) project is an
opensource development released under the BSD license. Everyone is
free to use that.
The short term goal of the project is to collect ideas, algorithms and
tools for the development of various distributed applications. RxRPC
would take part
in the communication. The long term goal of the project is to develop
some distributed applications.
The first 0.0.1 release of the project contains the new security model
and a few helpers. This new model is based on OpenSSL. The
challenge/response
part is implemented using Elliptic curve cryptography and the packet
encryption is using blowfish. The challenge and the response packet
can pass server and client
certificates as opaque data, that may be checked by callback functions
on both sides. This leaves place for x509 certificates. The response
packet can also contain
credential information (login+password) that may be verified by a
callback on the server side.
The project itself is mainly written in C++, but care was taken to
make it pluggable into C projects. The configuration and build system
is based on cmake.
I hope you or others will find this useful.
The project is registered at:
google code (Main site): http://code.google.com/p/rt0d4/
_______________________________________________
Arla-drinkers mailing list
Arla-drinkers@stacken.kth.se
https://lists.stacken.kth.se/mailman/listinfo/arla-drinkers
