[Go-essp-tech] Question on P2P and signing of registry docs
philip.kershaw at stfc.ac.uk
philip.kershaw at stfc.ac.uk
Wed Jun 1 06:07:02 MDT 2011
Hi Gavin,
I wanted to be on the call yesterday but unfortunately I've been away at
another meeting. Hello from Pisa :)
One thing I wanted to raise in the context of the P2P architecture was the
registry interface, and the need to digitally sign registry documents.
This is something that we talked about at the ESGF meeting in Asheville.
To restate the problem, any peer can pass to another peer a registry
document containing registry information for itself and for other peers
that it has communicated with. Have I got that right?
The recipient of such a document might accept the registry information
about the sender but how can it verify the registry information contained
in the document that comes from other peers? The only way to do this is
for each peer to digitally sign its registry information. That way, on
receipt of such information, a peer can verify that all the information
has come from the expected sources and has not been tampered with. This
is a must for a production system. It would be a straightforward change
to add XMLSec code to sign content.
Cheers,
Phil
On 31/05/2011 16:01, "Cinquini, Luca (3880)" <Luca.Cinquini at jpl.nasa.gov>
wrote:
>Hi all,
> here's the agenda for today's conf call:
>http://www.esgf.org/wiki/EsgfCmip5Meetings
>
>And some background documentation on the p2p Node system:
>
>http://www.esgf.org/wiki/ESGF_Index
>
>thanks, Luca
>_______________________________________________
>GO-ESSP-TECH mailing list
>GO-ESSP-TECH at ucar.edu
>http://mailman.ucar.edu/mailman/listinfo/go-essp-tech
--
Scanned by iCritical.
More information about the GO-ESSP-TECH
mailing list