[cap-talk] securing a capability based chat program.
john.carlson3 at sbcglobal.net
Wed Nov 23 04:22:42 EST 2005
Here is the design of my chat program; I am having problems
securing it properly. The problem is that I have no way
of both providing the Avatar in a Message, yet still protecting
Avatars from abuse. I would like to be able to use the Avatar
in a public conversation or log to contact people to create a
private conversation. However, I don't want a hacker to be
able to use my Avatar to send messages. It's almost like I
need PKI to project both private and public personas. I can
sign messages with my private key, so people know it is from
me. Does anyone see another solution?
I also need some way of sticking a private conversation in
the Account object and at the same time, avoid giving away
the Account. I guess I could set a list in the Avatar object
that would indicate the new Avatars to create Private
My implementation strategy is to use YURLs. I will experiment
with lists. Obviously using method capabilities would be easiest.
How do I prevent Waterken from displaying certain capabilities
in the XML? Say I only want to give myAccount.addPrivateConveration()
away and not all the other methods when someone requests an object
Should I create a facet? How does this help?
Private Conversation has
Public Conversation has
optional typed Stream
New Private Conversation Avatars (for this avatar owner)
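
The facet asked about above, sketched as an added example: it is not part of the original post and not Waterken's API. Plain JavaScript closures stand in for exported objects, and every name (makeAccount, requestPrivateConversation, the 'guest' label) is hypothetical. It covers only exposing one Account method through the Avatar; it does not address proving who wrote a message in a public log.

```javascript
// Added illustration of the facet pattern; all names are hypothetical.
function makeAccount(ownerName) {
  const privateConversations = []; // reachable only through the closures below

  // One shared log, two write facets. Each facet can post only under the
  // label fixed when it was created, so the guest cannot post as the owner.
  function makeConversation() {
    const log = [];
    const side = (label) => Object.freeze({
      post(text) { log.push(Object.freeze({ from: label, text })); },
      read() { return log.slice(); }, // copy: callers cannot edit the log
    });
    return { ownerSide: side(ownerName), guestSide: side('guest') };
  }

  // Full authority: never handed out, never embedded in a message.
  const account = Object.freeze({
    addPrivateConversation() {
      const { ownerSide, guestSide } = makeConversation();
      privateConversations.push(ownerSide);
      return guestSide;
    },
    listPrivateConversations() { return privateConversations.slice(); },
  });

  // Facet: the object that can safely appear in public. It forwards exactly
  // one method; the account itself is not reachable from it.
  const avatar = Object.freeze({
    name: ownerName,
    requestPrivateConversation() { return account.addPrivateConversation(); },
  });

  return { account, avatar };
}
```

Anyone holding only `avatar` can open a private conversation but cannot list the owner's conversations or obtain the owner's posting facet, because those are held only by `account`.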