On Fri, Feb 08, 2008 at 09:52:40AM +0000, Lalo Martins wrote: > Is there any rhyme or reason to site ids?
The current "testing" site ids are not "true" site ids. The site id is actually supposed to be the public half of a public/private key pair using elliptic curve cryptography. A 128 bit key yields about 64 bits of security. > If all libraries will ship a separate site (as XOD or something) with > their OTDs, won't that pollute the site id space? > > And aren't them bound to clash at some point? Maybe set up a registry of > library site ids somewhere in the website? The idea is for site ids to be globally unique, since there is only a 1/2^128 chance of generating a collision. In order to claim to be a site you have to prove that you know the corresponding private key, thus you can't just pick an aribtrary public site id (unless you know how to work backwards to get the private key, in which case the NSA would like to have a word with you.) > Or is this (library OTD) going to be substantially different later on? I understand your confusion, it isn't very meaningful at the moment because it is not yet doing any of the digital signature checking that I have planned. I need to write a tool that spits out public/private keypairs for use with VOS. -- [ Peter Amstutz ][ [EMAIL PROTECTED] [EMAIL PROTECTED] [Lead Programmer][Interreality Project][Virtual Reality for the Internet] [ VOS: Next Generation Internet Communication][ http://interreality.org ] [ http://interreality.org/~tetron ][ pgpkey: pgpkeys.mit.edu 18C21DF7 ]
signature.asc
Description: Digital signature
_______________________________________________ vos-d mailing list vos-d@interreality.org http://www.interreality.org/cgi-bin/mailman/listinfo/vos-d
