[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: auth handshake and rendevouz objects
|
From: |
Marcus Brinkmann |
|
Subject: |
Re: auth handshake and rendevouz objects |
|
Date: |
Wed, 16 Oct 2002 18:55:59 +0200 |
|
User-agent: |
Mutt/1.4i |
On Wed, Oct 16, 2002 at 06:39:00PM +0200, Marcus Brinkmann wrote:
> We talked about auth and rendevouz objects before, and I think we concluded
> that the rendevouz object should be managed by auth (at least that's how I
> recall it).
>
> I just thought about it, and I think it should stay with the user. This is
> more flexible, and nonetheless secure. The only task of the rendevouz object
> is to establish validity and identity of the server provided rendevouz object
> handle. The client is free to say yes or no on that issue as he wants, as
> the client is initiating and passing on the handle to the server in the
> first place. auth can just trust the client's opinion on this.
I just read up the previous discussion on this topic, where I started
with the opinion I have now, and retracted it in favor of an auth managed
rendevouz object. In my mail I wrote that you convinced me of that, but I
don't remember how you managed that ;) So it might very well be that I
forgot a killer argument, but OTOH it might just as well be the case that we
weren't clear on how handle management and moving handles works at that
time.
Thanks,
Marcus
--
`Rhubarb is no Egyptian god.' GNU http://www.gnu.org address@hidden
Marcus Brinkmann The Hurd http://www.gnu.org/software/hurd/
address@hidden
http://www.marcus-brinkmann.de/