* Re: [9fans] about Plan 9 Security
@ 2002-09-30 10:43 Russ Cox
0 siblings, 0 replies; 4+ messages in thread
From: Russ Cox @ 2002-09-30 10:43 UTC (permalink / raw)
To: 9fans
> Thanks for the quick response, Russ. This becomes a lot more clear :)
> One thing I'm still not sure is that when the 2 factotums speak the protocol
> in section 3 (passing nonce etc), do they rely on the client and server
> process to pass messages around or do the 2 factotums send messages directly
> to each other?
Yes, they rely on the client and server to pass messages
(usually the client and server do this by calling auth_proxy).
They're not connected directly. This is illustrated by the
lack of lines between factotums in Figure 1a and by the
APOP example in section 2.6.
Russ
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [9fans] about Plan 9 Security
@ 2002-09-30 6:05 cchany
0 siblings, 0 replies; 4+ messages in thread
From: cchany @ 2002-09-30 6:05 UTC (permalink / raw)
To: 9fans
<p>
Thanks for the quick response, Russ. This becomes a lot more clear :)
One thing I'm still not sure is that when the 2 factotums speak the protocol
in section 3 (passing nonce etc), do they rely on the client and server
process to pass messages around or do the 2 factotums send messages directly
to each other?
Thanks again for the quick reply. That exceed my expectation :)
God Bless
John
</p>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [9fans] about Plan 9 Security
@ 2002-09-30 5:52 Russ Cox
0 siblings, 0 replies; 4+ messages in thread
From: Russ Cox @ 2002-09-30 5:52 UTC (permalink / raw)
To: 9fans
The authentication protocols explained in section 3
are executed via the mechanisms described in section 2.6.
Put another way,
when there is a 9P2000 conversation going on between two
endpoints, those endpoints typically delegate the job of
authentication to their factotum agents, which they
interact with by the transactions of 2.6. The agents
speak the protocols in section 3 (specifically, p9any
to negotiate followed by the negotiated protocol)
to do the authentication.
Russ
^ permalink raw reply [flat|nested] 4+ messages in thread
* [9fans] about Plan 9 Security
@ 2002-09-30 5:45 cchany
0 siblings, 0 replies; 4+ messages in thread
From: cchany @ 2002-09-30 5:45 UTC (permalink / raw)
To: 9fans
Hi,
I'm a student doing a research on Plan 9's security. I looked at the paper
"Security in Plan 9". However, I don't understand when it talks about
authentication in section 3 of the paper. Is this authentication scheme used
for different services than those described in section 2.6 (Factotum
Transactions)? If so, what services require which authentication scheme? If
no, does it mean that the challenge and response described in factotum
transactions a simplified version of the authentication process?
Thanks for any help and clarification.
God Bless
John
PS. I tried posting to the newsgroup before I joined the 9fans mailing list
but it doesn't seem to work. I hope I'm not sending any duplicate messages
to the group.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2002-09-30 10:43 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2002-09-30 10:43 [9fans] about Plan 9 Security Russ Cox
-- strict thread matches above, loose matches on Subject: below --
2002-09-30 6:05 cchany
2002-09-30 5:52 Russ Cox
2002-09-30 5:45 cchany
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).