address@hidden: Re: Support for XNS in DotGNU ?]

dotgnu-auth

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

address@hidden: Re: Support for XNS in DotGNU ?]

From:	Norbert Bollow
Subject:	address@hidden: Re: Support for XNS in DotGNU ?]
Date:	Wed, 26 Sep 2001 07:10:30 +0200

FYI...

------- Start of forwarded message -------
X-From_: address@hidden  Tue Sep 25 22:42:11 2001
X-Envelope-To: <address@hidden>
X-Real-To: <address@hidden>
X-Sender: ace (Unverified)
In-Reply-To: <address@hidden>
Date: Tue, 25 Sep 2001 14:51:01 -0400
To: "XNS Talk" <address@hidden>
From: "Adam C. Engst" <address@hidden>
Subject: Re: Support for XNS in DotGNU ?
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
Reply-To: "XNS Talk" <address@hidden>
Sender: <address@hidden>
Precedence: Bulk
List-Software: LetterRip Pro 3.0.7 by Fog City Software, Inc.
List-Subscribe: <mailto:address@hidden>
List-Digest: <mailto:address@hidden>
List-Unsubscribe: <mailto:address@hidden>
List-Id: "XNS Talk" <xnstalk.xns.org>
List-Archive: <http://archive.xns.org/xnstalk/>
List-Post: <mailto:address@hidden>
List-Owner: <mailto:address@hidden> (XNSORG List Admin)

>Adam C. Engst <address@hidden> wrote:
>
>>  we'll certainly try to answer whatever questions you have
>>  about how XNS and DotGNU can work together.
>
>Thank you... actually before we get deep into the details of what
>could be done together, I'd very much like to know a little more
>about some potentially bothersome areas:

Totally reasonable, and I hope I can help.

>1.  One of the problems with Microsoft's Passport.com is that it
>     is a single point of failure.  (If some hacker or terrorist
>     destroys Passport.com then all web services that rely on it
>     are out of order).  Is the XNS Root Agency similarly a single
>     point of failure?

No. Drummond can provide more details, I'm sure, but XNS is (or 
rather, can be) a peer-to-peer system. However, as with many 
peer-to-peer systems, scalability can be a problem, and so XNS has 
the option of using a number of root services that mirror each other.

This has changed somewhat from the information you've seen on our Web 
site - staffing resources have prevented us from keeping everything 
as synchronized as we'd like.

Plus, of course, the root as it was initially conceived didn't store 
personal information, it was just for agents to locate one another 
(and that's still basically true with the new approach with multiple 
independent root service providers). Personal information is stored 
in agents that reside at XNS agencies, and the goal was to have many 
of those. So any one agency could theoretically be compromised (in 
the usual ways like social engineering, though security is built into 
XNS itself), but that wouldn't affect other agencies.

So again, no, there's no single point of failure in the XNS system.

>2.  What privacy-violating information (if any) could an
>     attacker potentially gain from sniffing on network
>     connections close the servers of the XNS Root Agency,
>     or from gaining unauthorised access to these servers?

I'll have to let Drummond answer that one, now that root services are 
a bit more complicated than before (there are actually a number of 
different root services, and a root service provider doesn't have to 
offer all of them). I believe that XNS currently uses SSL for all 
communications, which should reduce the sniffing vulnerability, and 
provisions are in place for other methods of protecting the data 
stream as they become available.

>3.  I read something on the website that seems to imply that you
>     will freely license those patents in a way that will prevent
>     them from becoming a problem for Free Software
>     implementations of your stuff.  Are you willing and able to
>     make a legally-binding commitment to this effect?

I'd love to do that, since it's certainly our intent, but I'm 
currently having some confusion about how the patents (which we can't 
avoid) interact with free software. Our current thought is to 
dual-license the XNS source under the GPL and a slight variant of the 
Sun Industry Standard Source License (SISSL) that's currently under 
evaluation by the OSI.

We have a patent license with OneName that allows us to sublicense 
the patents, and what I'm having trouble figuring out is if anything 
in that license would bother free software folks. One of the things 
that's going on behind the scenes is some restructuring of our 
initial agreements with OneName, so this is the time to let us know 
if there are things we should or should not do in the patent license 
to make it acceptable for free software.

Then there's the question of if we have to do something other than 
just releasing under the GPL to grant the free patent license to all 
who wish to use our code?

cheers... -Adam

_______________________________________________________________________
Adam C. Engst       Learn more about how XNS provides privacy, identity
XNSORG Chairman    management, and data exchange. <http://www.xns.org/>

For contact info, use my XNS contact card. <http://xns.org/=AdamEngst>

________________________________________________________________________
The XNS Talk Mailing List is an unmoderated forum
To unsubscribe, send any message to <mailto:address@hidden>
Archives at <http://archive.xns.org/xnstalk/>
------- End of forwarded message -------

[Prev in Thread]

Current Thread

[Next in Thread]

address@hidden: Re: Support for XNS in DotGNU ?], Norbert Bollow, 2001/09/26
- Re: address@hidden: Re: Support for XNS in DotGNU ?], John, 2001/09/26
  - Re: address@hidden: Re: Support for XNS in DotGNU ?], Norbert Bollow, 2001/09/26
- address@hidden: Re: Support for XNS in DotGNU ?], Norbert Bollow <=

Prev by Date: address@hidden: Re: Support for XNS in DotGNU ?]
Next by Date: Re: address@hidden: Re: Support for XNS in DotGNU ?]
Previous by thread: Re: address@hidden: Re: Support for XNS in DotGNU ?]
Next by thread: address@hidden: RE: Sun to Launch Digital ID, May Take on Microsoft]
Index(es):
- Date
- Thread