[AFS3-std] Re: rxgk CombineTokens and enctypes
Andrew Deason
adeason@sinenomine.net
Wed, 7 Nov 2012 10:03:05 -0600
On Tue, 6 Nov 2012 19:49:26 -0600
Andrew Deason <adeason@sinenomine.net> wrote:
> Yes (as I understand it). At first I put in a couple of examples, but
> I thought that might be too wordy and not necessary. I originally
> wrote something like:
>
> + The identity in the new "combined" token is an application-specific
> + Combination of the identities of the input tokens. For example, an
> + Application may define the identity of the combined token to be the
> + Union of the identities of the input tokens. However, an application may
> + Instead define the combined token identity to represent the identity of
> + Token0 to be acting in an environment represented by the identity of
> + Token1, or some other complex or application-specific meaning. This
> + Combined identity may or may not be representable as a simple set or
> + List, and may or may not be commutative. An application may also
> + define application-specific variants of the CombineTokens RPC to utilize
> + multiple different token combinations, or to utilize additional
> + application-specific input and/or output parameters.
After writing this, this morning I'm a little unclear now on why
CombineTokens is even in the rxgk draft. From a practical perspective,
we're not going to ever use that RPC, right? And from a theory
perspective, every single thing about it is application-specific.
An application would not necessarily need a CombineTokens operation at
all, an application defines what the combined token means, an
application defines how to combine it (the given keying information only
applies to encrypted tokens), and I would think an application would
define how the token metadata (e.g. level) is combined, since that
really depends on what the combined token means (the identity) and what
the intended use is.
It seems like a lot of the discussion and complexity here are a result
of trying to make it generalized to any possible application use, so...
I'm not currently seeing how having this actually helps us. It seems
like if an application wants the ability to "combine" tokens, it should
just define its own RPC, and say what the combined token does. e.g.
AFSCombineTokens.
--
Andrew Deason
adeason@sinenomine.net