• Messages sorted by: [ date ][ thread ][ subject ][ author ] [ Next ]
• [ Previous ] In reply to: Ben Laurie Next in thread: Ka-Ping Yee

At 11:19 AM 1/12/99 , Ben Laurie wrote:
>We might be persuaded to run [a VLS] at The Bunker - but I'd need to know
>what was involved, security/segregation requirements, etc. first.

[+] Great! And thanks!

Unlike Vats, VLSs don't require any interesting security. Compromising a VLS threatens only to waste resources. Given multiple working VLSs, one probably usually even deny service by compromising a single VLS.

A VLS should be run as a Java process (>= Java 1.1.6) with TCP/IP access to/from the open internet. A TCP/IP address should be permanently assigned to it, and it must always be able to create a listen-socket on this address when it restarts. We would then advertise this address.

Unlike a Vat, a VLS doesn't need to write any files -- all its state is ephemeral. It must be auto-restarted whenever the machine restarts, and it should be auto-restarted whenever it crashes. OS platform shouldn't matter, but a VLS running on unix may feel better about itself.

Unlike a Vat, a VLS has no need for crypto-secrecy, so it can be run openly even in countries with *import* restrictions. It does require (and include) authentication code. (Some future extensions to the VLS, like packet mixing, will require crypto-secrecy.)

I hope to have VLS code ready for trial deployment in about a week.

	Thanks again!
	--MarkM

Btw, what's The Bunker?

[ Next ]
• [ Previous ] In reply to: Ben Laurie Next in thread: Ka-Ping Yee