We should include in our tool kit the YURL and HTTPSY protocols.
They solve a number of the issues we are addressing for a useful
class of uses.
YURLs[1] are URLs that use the HTTPSY[2] protocol. Included in
the URL is a secure hash of a key used to certify the server.
The HTTPSY protocol includes a check of the hash against the
certification chain to verify the server's key.
The use case for YURLs are when Alice wants to pass a URL to Bob
and be assured that they both are accessing the same resource.
They are frequently used with webkeys, which include an
unguessable string that references a resource on the server.
(e.g. an account, a document, etc.)
YURLs and webkeys have been used in the experimental SCoopFS
system built at HP labs.[3][4]
[1] For one description see:
<http://cap-lore.com/SSL/YURL.html>. Also see section two of
reference 3.
[2] <http://www.waterken.com/dev/YURL/httpsy/>
[3] The technical report:
<http://www.hpl.hp.com/techreports/2009/HPL-2009-53.pdf>
[4] The code: <http://www.hpl.hp.com/personal/Alan_Karp/scoopfs/index.html>.
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz | gets() remains as a monument | Periwinkle
(408)356-8506 | to C's continuing support of | 16345
Englewood Ave
www.pwpconsult.com | buffer overruns. | Los Gatos,
CA 95032
_______________________________________________
therightkey mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/therightkey
