[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Vrs-development] Authentication
From: |
Eric Altendorf |
Subject: |
Re: [Vrs-development] Authentication |
Date: |
Sat, 5 Oct 2002 16:47:52 -0700 |
User-agent: |
KMail/1.4.1 |
On Friday 04 October 2002 09:48, Chris Smith wrote:
> Been having a bit of a ponder on the old 'infinite' cluster size
> issue. I have a plan, and it involves LDSs pooling connections to
> the most frequently accessed remote LDSs. That way we can stay
> within our system imposed 'max connections' whilst benifiting from
> a bunch being 'keep-alive'. This is a departure from GWs current
> design, but looks like it is easy to achieve. Rah!
I'm not sure I understand this. The way I understand things, pooling
connections is a caching strategy when you are able to keep more
physical connections than the number of logical connections you're
actually currently using. Our situation here is the opposite -- we
have limited physical connections but we need many logical
connections. What is my misunderstanding?
> So I'm thinking that perhaps an LDS that asks to join a VRS
> initialy gets a certificate signed by the VRS moderator. This
> certificate will be checked whenever a new connection is
> established and rejected if it was not signed by the appropriate
> agent (basically by checking the RootCA perhaps...).
I don't know that much about the architecture of authentication
strategies in systems, so I don't have much to add, but ... our needs
are not that complex, and your solution sounds good.
eric
--
"First they ignore you. Then they laugh at you.
Then they fight you. And then you win." -Gandhi