ITS wiki

The Incompatible Timesharing System


ch11

Differences

This shows you the differences between two versions of the page.

ch11 [2018-02-27 09:51]
victor [CH11 support for ITS in KLH10]
ch11 [2018-02-27 10:19] (current)
victor [Ideas for future work:]
Line 85: Line 85:
   *  Setting to only accept dynamic ip/port for specific chaos addresses. (Allow for future authentication extension?)   *  Setting to only accept dynamic ip/port for specific chaos addresses. (Allow for future authentication extension?)
   *  Dynamic setting for chip table ttl.   *  Dynamic setting for chip table ttl.
-  *  Better routing support.+  *  Better routing support ​(see [[https://​github.com/​bictorv/​chaosnet-bridge|the Chaosnet bridge program]])
   *  Implement loopback (not LUP, but Chaos pkts to self). Currently they are in practice dropped. I'm not sure ITS handles this very well anyway.   *  Implement loopback (not LUP, but Chaos pkts to self). Currently they are in practice dropped. I'm not sure ITS handles this very well anyway.
   *  Chaos broadcast can easily be implemented by UDP broadcast, but it's probably not very useful. Another implementation would be to send (individually) to all known hosts (in the CHIP table) on the same subnet, but this is probably not very useful either. (Does any ITS program do broadcast?)   *  Chaos broadcast can easily be implemented by UDP broadcast, but it's probably not very useful. Another implementation would be to send (individually) to all known hosts (in the CHIP table) on the same subnet, but this is probably not very useful either. (Does any ITS program do broadcast?)
-  *  Use DNS to find Chaos addresses.+  *  Use DNS to find Chaos addresses ​- see [[https://​www.aosnet.ch/​|more info here]].
   *  More CHUDP protocol functions?   *  More CHUDP protocol functions?
   *  Security: while ITS with PANDA/PWORD may keep malicious people out, there are gaping holes once you have Chaosnet access. If dynamic CHIP entries are allowed, anyone can come up with a random Chaos address and read/write your system over MLDEV. Possible improvements:​   *  Security: while ITS with PANDA/PWORD may keep malicious people out, there are gaping holes once you have Chaosnet access. If dynamic CHIP entries are allowed, anyone can come up with a random Chaos address and read/write your system over MLDEV. Possible improvements:​
 +    * Use DTLS.
     *    Let MLSLV check that the chaos address translates to an ITS name in the ITSNMS table.     *    Let MLSLV check that the chaos address translates to an ITS name in the ITSNMS table.
     *  Verify CHIP enties by checking that DNS entries for CH and IN classes match. This doesn'​t work for Chaos nodes with dynamic IP addresses (which is what it's supposed to support).     *  Verify CHIP enties by checking that DNS entries for CH and IN classes match. This doesn'​t work for Chaos nodes with dynamic IP addresses (which is what it's supposed to support).
-    ​   Add a cryptographic handshake to the CHUDP protocol. PKS key distribution using DNSWhen UDP port changes ​(e.gdue to NAT)renegotiate(When a non-authenticated CHUDP pkt arrives, send a challenge back.) +  ​ ​Chaosnet library for Linux/Unix? (See [[https://​www.aosnet.ch/​|implementations]]and [[https://​github.com/​bictorv/​chaosnet-bridge|the Chaosnet bridge]].)
-  *  Chaosnet library for Linux/​Unix???​ "​Chaosnet interface server"​ in Java?+
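Review bot: The added "Use DTLS." sub-item under Security is too thin to stand in for the removed "Add a cryptographic handshake to the CHUDP protocol" item, which it appears to replace. The removed text recorded three design points that are now lost: key distribution using DNS, renegotiation when the UDP port changes (e.g. due to NAT), and sending a challenge back when a non-authenticated CHUDP pkt arrives. The hole described in the parent item is that with dynamic CHIP entries anyone can come up with a random Chaos address, so the DTLS item should state how the authenticated peer is tied to the Chaos address it claims and where the keys or certificates come from; otherwise an encrypted session with an arbitrary peer still reaches MLDEV. Suggest expanding the item along the lines of "Use DTLS, with peer keys bound to Chaos addresses; keep the session across UDP port changes due to NAT", or keeping the removed notes as sub-points. Two smaller points: the new "Use DTLS." line is indented differently from its sibling sub-items, and the same URL (https://www.aosnet.ch/) is labelled "more info here" in one item and "implementations" in another, so one consistent label would read better.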
  
  
ch11.txt · Last modified: 2018-02-27 10:19 by victor