On Tue, 30 Jul 2013, Alan Robertson wrote:
post on Assimilation message formats - what they are, how they work and
why they work that way:
http://bit.ly/13Vro4U
reading:
SignFrame - Digital Signature - currently not
cryptographically secure (that's coming)
and yet:
communication between endpoints can consist of only a
handful of packets every few months - or even every few
years. By design, silence is the norm
... so there is the problem of either needing to do long lived
advanced keying (not desireable, and still rots / expires), or
to be able to consult a CA (and CRL) on the fly, to know if a
given transaction should be trusted. As it is UDP, we are not
able to do DH key exchange to get a smaller session key, and
will have to use long keys
A UDP packet, under normal curcumstances is probably less than
an MTU long --- call it 1.5k
Is there really room in that specification of: Assimilation
Message Formats for a payload, possibly with the overhead of a
compression lookup table, and a cryptographic oversign?
just thinking this through, but this seems like a
protocol design problem, when we get to implementation time
-- Russ herrold
_______________________________________________
Assimilation mailing list - Discovery-Driven Monitoring
[email protected]
http://lists.community.tummy.com/cgi-bin/mailman/listinfo/assimilation
http://assimmon.org/