[4386] in arla-drinkers
Re: [OpenAFS-devel] New Rx security model
daemon@ATHENA.MIT.EDU (Jason Edgecombe)
Sun Aug 31 16:22:10 2008
From arla-drinkers-bounces@stacken.kth.se Sun Aug 31 20:22:10 2008
Return-Path: <arla-drinkers-bounces@stacken.kth.se>
Delivered-To: arla-drinkers-mtg@bloom-picayune.mit.edu
Received: (qmail 4269 invoked from network); 31 Aug 2008 20:22:10 -0000
Received: from mx1.kth.se (130.237.32.140)
by charon.mit.edu with SMTP; 31 Aug 2008 20:22:10 -0000
Received: from localhost (localhost [127.0.0.1])
by mx1.kth.se (Postfix) with ESMTP id DBDACFD28B;
Sun, 31 Aug 2008 22:22:08 +0200 (CEST)
X-Virus-Scanned: by amavisd-new at kth.se
Received: from mx1.kth.se ([127.0.0.1])
by localhost (mx1.kth.se [127.0.0.1]) (amavisd-new, port 10024)
with LMTP id RV3TPGGfirt0; Sun, 31 Aug 2008 22:22:03 +0200 (CEST)
Received: from tapas.stacken.kth.se (tapas.stacken.kth.se [130.237.234.140])
by mx1.kth.se (Postfix) with ESMTP id 55721FC13E;
Sun, 31 Aug 2008 22:21:35 +0200 (CEST)
Received: from tapas.stacken.kth.se (localhost [127.0.0.1])
by tapas.stacken.kth.se (Postfix) with ESMTP id 4E60C51D5B;
Sun, 31 Aug 2008 22:21:35 +0200 (CEST)
X-Original-To: arla-drinkers@tapas.stacken.kth.se
Delivered-To: arla-drinkers@tapas.stacken.kth.se
Received: from brev.stacken.kth.se (brev.stacken.kth.se [130.237.234.84])
by tapas.stacken.kth.se (Postfix) with ESMTP id ABF3451D5D
for <arla-drinkers@tapas.stacken.kth.se>;
Sat, 30 Aug 2008 20:07:00 +0200 (CEST)
Received: from mx2.kth.se (mx2.kth.se [130.237.48.98])
by brev.stacken.kth.se (8.12.10/8.12.10) with ESMTP id m7UI701G003652
for <arla-drinkers@stacken.kth.se>;
Sat, 30 Aug 2008 20:07:00 +0200 (MET DST)
Received: from localhost (localhost [127.0.0.1])
by mx2.kth.se (Postfix) with ESMTP id 1BC11109731
for <arla-drinkers@stacken.kth.se>;
Sat, 30 Aug 2008 20:06:55 +0200 (CEST)
X-Virus-Scanned: by amavisd-new at kth.se
Received: from mx2.kth.se ([127.0.0.1])
by localhost (mx2.kth.se [127.0.0.1]) (amavisd-new, port 10024)
with LMTP id graahCmHKJvd for <arla-drinkers@stacken.kth.se>;
Sat, 30 Aug 2008 20:06:53 +0200 (CEST)
Received: from cdptpa-omtalb.mail.rr.com (cdptpa-omtalb.mail.rr.com
[75.180.132.122]) by mx2.kth.se (Postfix) with ESMTP id 73AD210971F
for <arla-drinkers@stacken.kth.se>;
Sat, 30 Aug 2008 20:06:52 +0200 (CEST)
Received: from jason-edgecombes-powerbook-g4-15.local ([71.71.199.37])
by cdptpa-omta03.mail.rr.com with ESMTP id
<20080830165515.ESMH28556.cdptpa-omta03.mail.rr.com@jason-edgecombes-powerbook-g4-15.local>;
Sat, 30 Aug 2008 16:55:15 +0000
Message-ID: <48B97B5E.2000305@rampaginggeek.com>
Date: Sat, 30 Aug 2008 12:54:54 -0400
From: Jason Edgecombe <jason@rampaginggeek.com>
User-Agent: Thunderbird 2.0.0.16 (Macintosh/20080707)
MIME-Version: 1.0
To: Derrick Brashear <shadow@dementia.org>
Subject: Re: [OpenAFS-devel] New Rx security model
References: <db6e3f110808300740k3e3251bco6251efcd7aa331ef@mail.gmail.com>
In-Reply-To: <db6e3f110808300740k3e3251bco6251efcd7aa331ef@mail.gmail.com>
X-Enigmail-Version: 0.95.7
X-Mailman-Approved-At: Sun, 31 Aug 2008 22:21:32 +0200
Cc: OpenAFS Devel <openafs-devel@openafs.org>, arla-drinkers@stacken.kth.se
X-BeenThere: arla-drinkers@stacken.kth.se
X-Mailman-Version: 2.1.6
Precedence: list
List-Id: Arla discussions <arla-drinkers.stacken.kth.se>
List-Unsubscribe: <https://lists.stacken.kth.se/mailman/listinfo/arla-drinkers>,
<mailto:arla-drinkers-request@stacken.kth.se?subject=unsubscribe>
List-Archive: <http://lists.stacken.kth.se/pipermail/arla-drinkers>
List-Post: <mailto:arla-drinkers@stacken.kth.se>
List-Help: <mailto:arla-drinkers-request@stacken.kth.se?subject=help>
List-Subscribe: <https://lists.stacken.kth.se/mailman/listinfo/arla-drinkers>,
<mailto:arla-drinkers-request@stacken.kth.se?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: arla-drinkers-bounces@stacken.kth.se
Errors-To: arla-drinkers-bounces@stacken.kth.se
Derrick Brashear wrote:
> A gentleman by the name of David Beck has given us a pointer to work
> he has done on a new security model for Rx. I cannot vouch for it yet
> as I have not completed a review of those code, however I will do so
> and encourage other interested parties to do the same.
>
> David says:
> The rt0d4 (Random Thoughts On Distributed Algorithms) project is an
> opensource development released under the BSD license. Everyone is
> free to use that.
> The short term goal of the project is to collect ideas, algorithms and
> tools for the development of various distributed applications. RxRPC
> would take part
> in the communication. The long term goal of the project is to develop
> some distributed applications.
>
> The first 0.0.1 release of the project contains the new security model
> and a few helpers. This new model is based on OpenSSL. The
> challenge/response
> part is implemented using Elliptic curve cryptography and the packet
> encryption is using blowfish. The challenge and the response packet
> can pass server and client
> certificates as opaque data, that may be checked by callback functions
> on both sides. This leaves place for x509 certificates. The response
> packet can also contain
> credential information (login+password) that may be verified by a
> callback on the server side.
>
> The project itself is mainly written in C++, but care was taken to
> make it pluggable into C projects. The configuration and build system
> is based on cmake.
>
> I hope you or others will find this useful.
>
> The project is registered at:
>
> google code (Main site): http://code.google.com/p/rt0d4/
>
Well, I see that some parts like the encryption is pluggable, which is
good. Are all the encryption parts, like the digests, pluggable? Does it
do TCP?
How well does this fit with the planned upgrades to Rx? Rxkad? Rxgss? RxTCP?
Can cmake play well with Configure? I couldn't get the one cmake
project (Paraview) that I tried to compile from source.
Sincerely,
Jason
_______________________________________________
Arla-drinkers mailing list
Arla-drinkers@stacken.kth.se
https://lists.stacken.kth.se/mailman/listinfo/arla-drinkers
