Hi all, I've drawn a few diagrams to represent my current ideas about how to manage encryption. I'll be posting them later this week along with text explaining how I see this working for another round of criticism. I have a talk to give tomorrow, and I'll likely include them in the slide deck. It's a technical talk on distributed computing. Seems appropriate ;-).
A short summary: Every nanoprobe has its own keypair We will use Trust On First Use (TOFU) for nanoprobes CMA public keys will be distributed with the software We are able to deal with having more than one CMA public key, making it easier to eventually deal with compromised CMA keys The low-level code to support this is written, in the repository and it works(!). None of the high-level policy stuff is there yet. The code that works is basically a ping testing program that deliberately loses packets to encourage the protocol to recover from lost packets. This code turned out to be simpler than I thought it would be. That's a rarity, for sure! -- Alan Robertson al...@unix.sh _______________________________________________________ Linux-HA-Dev: Linux-HA-Dev@lists.linux-ha.org http://lists.linux-ha.org/mailman/listinfo/linux-ha-dev Home Page: http://linux-ha.org/