From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: <362f4fdd6ec6448d050c7a0d78318c05@vitanuova.com> To: 9fans@cse.psu.edu Subject: Re: [9fans] writing code Date: Fri, 18 Feb 2005 18:22:40 +0000 From: rog@vitanuova.com In-Reply-To: <11ecd59550d99998dd6dc36cc4d9a8ca@proxima.alt.za> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Topicbox-Message-UUID: 0e24a284-ead0-11e9-9d60-3106f5b1d025 lucio: > Not really. Laptops are a poor solution to the problem of information > ownership and, on the reverse side, information sharing. So is the > disked workstation; for that matter, the entire "personal computer" > idea. Plan 9 does not propose to solve the problem, but addresses it > much better than all other conventional approaches. i'm not sure i agree. if you can always contact your authentication and file servers, the current plan 9 model works fine, but i think the idea of universal global interconnect isn't realistic. firewalls are ubiquitous. network coverage is patchy (and probably always will be). i think it makes sense to carry your personal information near your person, even if you only carry a key that enables you to access your personal data on other systems. paul: > Useful would be an encrypted file system on my laptop with a USB-dongle > auth server providing the key; something like a gumstix > (www.gumstix.org) could run an auth server pretty easily. this would be a way forward. if your fs is encrypted, it doesn't matter who has hardware access to your machine, as long as only you have the key. the important thing is to make the boot process itself secure, so that nobody else can step in and subvert your key entry. russ: > i don't know what peer-to-peer means, but if we moved to > a public key model (which was the reason presotto created p9any) > and had the auth server just be a repository for public keys > (signed by bootes), then any amount of caching could happen. i'd like to see an authentication model along SDSI/SPKI lines, where entities can authenticate directly with one another without necessarily needing to talk to a third party auth server. the inferno model does this currently, but you can only authenticate with parties in the same domain. charles has done some work in this area for Inferno. it's highly applicable to plan 9 too. this way, me and my laptop are at the centre of my world. i can talk to anyone, and name chaining and SPKI tag rules mean that i can make useful deductions about what i should do on their behalf, even if their public key isn't known to me. i'd like to see the distinction between cpu server and terminal disappear.