Users will be able to create tickets and associate them (one to one) with a data-object (iRODS file) or collection (directory). These will be either system-generated pseudo-random strings, 16 characters long, composed of upper and lower case characters 'A' through 'Z' and 0 thru 9; or optionally specified by the user creating the ticket.
Tickets are plain-text strings, not encrypted.
Only users with 'own' permission on objects will be allowed to create tickets for those objects (and modify or delete them). When the ticket is used, this will be rechecked and access denied if the original user no longer has 'own' permission.
Each ticket will be associated with one data-object or collection, although multiple tickets can be defined that refer to the same object.
Users will be able to access objects using tickets even if they do not have regular access permissions (the regular access is set via 'ichmod' or equivalent, giving users or groups read, write, or own permission). In the case of tickets on collections, all data-objects under that collection (including those in sub-collections) will be accessible (readable) via that ticket.
Users can either be normally logged into iRODS (as a regular, specific user) or not (connected as user 'anonymous', with no password).
Tickets can be set to last indefinitely or to expire at a certain time.
Tickets can be set to be usable any number of times, or to only be valid for a specified number of uses.
Tickets can be associated with specific users or groups, in which case access will be granted only if the valid ticket is presented from those users or users in those groups.
Tickets can be set to be valid only from specific computers (DNS host names), in which case ticket-based access will be denied when iRODS clients are connecting from other hosts.
When iRODS auditing is enabled, ticket-based accesses will be logged in the audit table.
It is expected that 'read' access will be the main ticket-access mode but 'write' tickets will be implemented too. Users will be able to grant ticket-based write access to a collection, with that access limited in both total number of files and bytes stored (since ticket based access is less secure, the mode needs to be limited). The iRODS system will track the file count and total storage space used via each 'write' ticket and enforce a quota limit (i.e abort another 'iput' if the limit has already been reached).