[e-lang] Intra-host CapTP (was E language over I2P)
Kevin Reid
kpreid at mac.com
Fri Feb 29 11:32:08 EST 2008
On Feb 29, 2008, at 11:20, Sam Mason wrote:
> On Fri, Feb 29, 2008 at 10:52:16AM -0500, Kevin Reid wrote:
>> Our plan is to rewrite CapTP and VatTP in E, and replace the
>> encrypted-channel aspect of VatTP with TLS. I am currently working on
>> this.
>>
>> My implementation will include the feature that CapTP can use
>> multiple secure transports (besides VatTP); the particular use case
>> of this is so that vats running on the same OS can communicate over
>> anonymous streams (probably unix-domain sockets on unixoids, ??? on
>> Windows) without unnecessarily using encryption.
>
> I'm not sure if this will affect you, but there was recently a bug
> reported[1] in PostgreSQL with the conclusion being that TLS should
> be used for local communication as well as remote (to know who you're
> actually talking to), and using a null cipher for the actual local
> data
> transfer for performance reasons.
We will indeed need to authenticate the vat on the other end of the
socket (otherwise a malicious third vat could perform an introduction
which invalidates our mapping of VatIDs to connections); if TLS
supports requesting a null cipher then that might be a good way of
doing so.
However, we still need special local-communication code so that we
can pass file descriptors rather than IP addresses during introductions.
(Hm. Introductionwise FD-passing is not /sufficient/ for successful
communication if a local persistent vat dies and is restarted, as it
loses all its open sockets. Maybe we need to use IP (even if to
localhost) anyway. MarkM?)
--
Kevin Reid <http://homepage.mac.com/kpreid/>
More information about the e-lang
mailing list