Pluribus

Ben Laurie ben@algroup.co.uk
Mon, 08 Nov 1999 22:55:42 +0000


Bill Frantz wrote:
> 
> At 06:29 PM 11/6/1999 +0000, Ben Laurie wrote:
> >"Mark S. Miller" wrote:
> >>
> >> At 04:34 AM 11/6/99 , Ben Laurie wrote:
> >> >Following on from these comments, something I've been wondering for a
> >> >while is why not just use TLS?
> >>
> >> I believe the short answer is "wrong handshake".  The longer answer is
> Bill's
> >> http://www.erights.org/to-be-sorted/SSLvsEComm.html
> >I don't understand why "we will need to add certificate checking that
> >ensures that the distinguished name is indeed the hash of the public
> >key" is necessary at all. Who cares what the DN is if you have the key
> >in your hand?
> 
> In the E protocol, you start with the hash of the public key of the vat you
> want to connect to.  The handshake passes the public key, and the recipient
> checks the hash to ensure that it is talking to the right vat.
> 
> What I couldn't see at the time was how to perform this validation,
> particularly with a commercial SSL.  (See below)

OK, but it is, in fact, trivial, since the whole purpose of a cert is to
convey the public key. I presume you now do see that?

> >"Client Server vs. Peer to Peer" - it seems to me this is meaningless.
> >Each peer acts as a client when it initiates a connection and a server
> >when it receives one. SSL is used in the obvious way in each case.
> 
> In the EC Habitats beta, which used the immediate predecessor to the E
> datacomm protocol, we had major problems with both sides trying to connect
> at the same time.  To ensure the correct ordering of messages, we need to
> end up with only one connection.  While I am far from an SSL expert, I
> don't know anything in SSL that deals with this situation.  There is a fair
> amount of hair in the E connection setup protocol to handle just this
> situation.

There's nothing in SSL to deal with this situation, since it's out of
scope. I don't see why higher layers couldn't deal with it, though.

BTW, what about "highest hash is the server" as a simple way to ensure
the connections are one-way?

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
     - Indira Gandhi
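The two mechanisms discussed in this exchange, as an added illustration that is not code from the E project or from any participant: the "connect to a key hash, then check the presented key hashes to it" validation Frantz describes, and Ben's "highest hash is the server" tie-break for crossed connections. SHA-256 and the byte-string "keys" are assumptions for the demo; the thread names neither the hash nor the key format.

```python
import hashlib
import hmac

# Constructed stand-ins for two vats' public keys (not real key material).
VAT_A_PUBKEY = b"constructed-public-key-of-vat-A"
VAT_B_PUBKEY = b"constructed-public-key-of-vat-B"


def vat_id(pubkey: bytes) -> str:
    """The hash of a public key, which is how an E vat is addressed.
    SHA-256 is an assumption; the thread does not name the hash."""
    return hashlib.sha256(pubkey).hexdigest()


def check_peer_key(expected_id: str, presented_pubkey: bytes) -> bool:
    """The validation Frantz describes: accept the peer only if the key it
    hands over in the handshake hashes to the id we started with. The
    certificate's DN and issuer play no part; the key is the identity."""
    return hmac.compare_digest(vat_id(presented_pubkey), expected_id)


def acts_as_server(my_id: str, peer_id: str) -> bool:
    """'Highest hash is the server'. Ids are equal-length hex strings, so
    string order equals numeric order, and both sides reach complementary
    answers from the same two values without an extra round trip."""
    if my_id == peer_id:
        raise ValueError("peer presented our own key; refusing to connect")
    return my_id > peer_id


def resolve_crossed_connections(id_a: str, id_b: str) -> str:
    """Both vats dialled each other at once. Each keeps only the connection
    on which it plays server, so exactly one survives; return the id of
    the vat that is the server on it."""
    a_keeps = acts_as_server(id_a, id_b)
    b_keeps = acts_as_server(id_b, id_a)
    assert a_keeps != b_keeps  # strict total order: never both, never neither
    return id_a if a_keeps else id_b


if __name__ == "__main__":
    a, b = vat_id(VAT_A_PUBKEY), vat_id(VAT_B_PUBKEY)
    print("A accepts B's genuine key:", check_peer_key(b, VAT_B_PUBKEY))
    print("A rejects a swapped key:", not check_peer_key(b, VAT_A_PUBKEY))
    print("server on surviving link:", resolve_crossed_connections(a, b)[:16])
```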