2
client_name = foo (mon has some corresponding shared secret)
3
client_addr = ip address, port, pid
13
map<client_name, client_auth> users;
19
map<entity_name, secret> entity_secrets;
21
struct service_secret_set {
24
map<string, service_secret_set> svc_secrets;
27
svcsecret will be a rotating key. we regenerate every time T, and keep
28
keys for 3*T. client always get the second-newest key. all 3 are
29
considered valid. clients and services renew/reverify key at least one
36
map<svc name or type, blob> client_capabilities;
41
authenticate principle:
43
C->M : client_name, client_addr. authenticate me.
44
...monitor does lookup in database...
45
M->C : A= {client/mon session key, validity}^clientsecret
46
B= {client ticket, validity, client/mon session key}^monsecret
49
authorize principle to do something on monitor:
51
C->M : B, {client_addr, timestamp}^client/mon session key. do foo (assign id)
52
M->C : result. and {timestamp+1}^client/mon session key
55
authorize for service:
57
C->M : B, {client_addr, timestamp}^client/mon session key. authorize me!
58
M->C : E= {svc ticket}^svcsecret
59
F= {svc session key, validity}^client/mon session key
61
svc ticket = (client addr, validity, svc session key)
64
on opening session to service:
66
C->O : E + {client_addr, timestamp}^svc session key
67
O->C : {timestamp+1}^svc session key
76
{client_name, client_addr}^client_secret
78
{session key, validity, nonce}^client_secret
79
{client_ticket, session key}^service_secret ... "enc_ticket"
81
where client_ticket is { client_addr, created, expires, none, capabilities }.
83
To gain access using our ticket: