RSA complaints (answer to)
Roger Books
>Is _that_ the justification for all of this? That it will be easier
>to change keys? I thought it was because you didn't trust server gods
>not to make blessed borgs (or to publish reserved.c, as you did in
>with an early INL release). Maybe if you went through and wrote down
>all your security assumptions and all the mechanisms that you see
>using for adding clients, servers, throwing out keys, etc, then you
>can explain what all of this is good for. I don't see that throwing
>out an RSA key and getting a new one is really any easier than throwing
>out a private reserved.c-type key and getting a new one. In either case
>the client needs to be recompiled, yes?
>
>>Right now RSA may be causing a little pain. But in the long run it
>>will be better. Be patient. Things will get better.
>
Apologies for not attributing the above, my newsreader, my e-mail, and
I just had a small war. The newsreader almost successfully ogged me. The
e-mail (obviously not clued) flew off on a completely unrelated tangent.
Let me see if I can put this in perspective. Right now we have a
situation where a server god with THE reserved.c can decide that x should
be available in his client. He doesn't think it is a borg feature. Server
god B thinks this is a borg feature and he doesn't want it on his system,
but A has blessed it and there's nothing he can do about it.
New scenario with public key. Each server god (and player for that matter)
gets his own key. Server god A makes his client and adds its key to his
list of allowed keys. Server B doesn't add it so it can't play on his
system. Everyone is happy. (Except for people out of the USA, and they
seemed to have fixed that.) Server god C, whose very generic client was
O.K. with everyone, has his key compromised. On discovery of this he
generates a new key and tells everyone. The borgs made with his compromised
key are instantly worthless because the server gods lock out that key.
Another factor here, I have a machine that none of the current
reserved.c gods have access to. It's my IBM PC running DV/X, so they can't
log into it. How currently do I get blessed binaries? They have to give
me the current reserved.c. At which point I could begin writing borgs.
With the new system I generate my own key and bless my own client. I then
ask the server gods to allow my key and, being reasonable people who know
I don't like to play borgs (:>) give me access. I post my client and again
everyone is happy.
Sherlock