durusmail: durus-users: latency improvement in "new_oid"
latency improvement in "new_oid"
2006-05-16
Jesus Cea
2006-05-16
David Binger
2006-05-16
Jesus Cea
2006-05-16
David Binger
2006-05-17
Jesus Cea
2006-05-17
David Binger
2006-05-17
Jesus Cea
2006-05-17
David Binger
2006-05-18
Jesus Cea
2006-05-16
mario ruggier
2006-05-16
Jesus Cea
2006-05-17
David Binger
2006-05-17
Jesus Cea
2006-05-17
David Binger
2006-05-17
Jesus Cea
2006-05-17
David Binger
2006-05-17
mario ruggier
2006-05-17
Jesus Cea
latency improvement in "new_oid"
Jesus Cea
2006-05-17
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

David Binger wrote:
> But Mario is correct that knowledge that the oid of the
> root is the critical shared secret between the client
> and the server.

All of this are linked with my request of a "database/user/passwd"
authentication procedure. Suppose the server sends the "root" OID for
that "database/user/passwd" tuple when the user authenticates. Each user
could have a personal "root". Since the user could only access objects
following links, you could share a single storage between different
users, even if they are malicious. A user can't "guess" a valid OID for
an object of other users.

> Although I do think the idea is interesting,
> I don't think the oid space should be made sparse
> so that you can run a storage server on a public interface.
> I don't think you should run a storage server on a public
> interface.

Aha! :). I, nevertheless, would like to offer object storage services
for my clients, just like now I offer ZOPE space or MySQL capacity.
Since I would like to burn to ashes my MySQL machines :-), I would like
to offer a capable service with Durus.

I know that such a work could require a lot of hard work in Durus and,
worse, could be of no interest to mems-exchange. But I'm able to commit
time and code to the task if you, guys, decide to try.

> If I had control of a machine on your network, I would
> look at the first command a client sends,
> the one where the root oid is transmitted.

SSL is your friend :-). SSL is supported natively in Python, and with
extensions like M2Crypto, you can verify certificates, and so on.

- --
Jesus Cea Avion                         _/_/      _/_/_/        _/_/_/
jcea@argo.es http://www.argo.es/~jcea/ _/_/    _/_/  _/_/    _/_/  _/_/
jabber / xmpp:jcea@jabber.org         _/_/    _/_/          _/_/_/_/_/
                               _/_/  _/_/    _/_/          _/_/  _/_/
"Things are not so easy"      _/_/  _/_/    _/_/  _/_/    _/_/  _/_/
"My name is Dump, Core Dump"   _/_/_/        _/_/_/      _/_/  _/_/
"El amor es poner tu felicidad en la felicidad de otro" - Leibniz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQCVAwUBRGr6T5lgi5GaxT1NAQKRRwP/UrluwtijG/h6Dm+NJkb4JWQ7TMpgGoEi
RW+tBEWOM+ZT9wJhUzlh27JcrBO1FHPGzIb0upfHgUNN+RXb2O4sGMaHNlRvoK32
4XeJKT9nZ1kA9SyW1cPSac20humj60veti//hVmgRAefG15fiMdv7y3DMNviU3yu
/CcK7tS/jMY=
=CY+f
-----END PGP SIGNATURE-----
reply