Difference between revisions of "Talk:Open Grid Protocol"
Lillie Yifu (talk | contribs) (Comment on potential security problem) |
Lillie Yifu (talk | contribs) (Capability lifetime) |
||
| Line 1: | Line 1: | ||
== Choosing an Agent == | == Choosing an Agent == | ||
Choosing an Agent | |||
The credential presented by the viewer may be valid for more than one agent. If so, then the viewer must specify the agent it wishes to control. If none is specified, and there are multiple possible agents, then log in will fail, and contain a list of possible agents. The viewer can then choose and reattempt login. | The credential presented by the viewer may be valid for more than one agent. If so, then the viewer must specify the agent it wishes to control. If none is specified, and there are multiple possible agents, then log in will fail, and contain a list of possible agents. The viewer can then choose and reattempt login. | ||
| Line 9: | Line 9: | ||
[[User:Lillie Yifu|Lillie Yifu]] 09:36, 22 August 2008 (PDT) | [[User:Lillie Yifu|Lillie Yifu]] 09:36, 22 August 2008 (PDT) | ||
== Capability Lifetime == | |||
Since cryptologically secure means the amount of time since creation to forge, break, or steal. Shouldn't all capabilities expire? Shouldn't there be a way of indicating when a capability is set to expire, so that clients of that capability can renew the lease on it? Also having capabilities with known numbers of uses is very valuable, so that clients could hand them out, confident that if they were overly broadly disseminated, the risk is limited to so many invocations, even if that number is a larger number. | |||
[[User:Lillie Yifu|Lillie Yifu]] 09:43, 22 August 2008 (PDT) | |||
Revision as of 09:43, 22 August 2008
Choosing an Agent
Choosing an Agent
The credential presented by the viewer may be valid for more than one agent. If so, then the viewer must specify the agent it wishes to control. If none is specified, and there are multiple possible agents, then log in will fail, and contain a list of possible agents. The viewer can then choose and reattempt login.
That looks like a security hole, because it means that a person who gets login credentials now knows something they did not prove they knew before, namely the agent list. It should not include a list of agents, instead, an identifiable agent should be considered part of the credentials necessary for login.
Lillie Yifu 09:36, 22 August 2008 (PDT)
Capability Lifetime
Since cryptologically secure means the amount of time since creation to forge, break, or steal. Shouldn't all capabilities expire? Shouldn't there be a way of indicating when a capability is set to expire, so that clients of that capability can renew the lease on it? Also having capabilities with known numbers of uses is very valuable, so that clients could hand them out, confident that if they were overly broadly disseminated, the risk is limited to so many invocations, even if that number is a larger number.
Lillie Yifu 09:43, 22 August 2008 (PDT)