DISTRIBUTION NOTE
This protocol will not be distributed via anonymous ftp. If
interested, contact xkernel-bugs@cs.arizona.edu about obtaining this
protocol.
SPECIFICATION
VCONF is a virtual protocol; it does not directly manipulate messages.
At open, VCONF chooses a hash prefix for messages, based on the destination.
The prefix is requested from a key manager (KM), and passed to a lower
hashing protocol that accepts a prefix, either MD5 or SHA.
VCONF doesn't create a session; the lower session is linked directly
to the protocol above.
SYNOPSIS
When VCONF is opened, it opens the protocol configured below
it with the addresses passed to it during open. The
first participant is then used as an argument to open a key manager (KM)
session. A key is looked up, and passed down via a control operation
to a lower hash protocol, becoming the hash prefix for that session.
The key manager session is closed. VCONF doesn't create a session,
but arranges for the lower session to be linked directly to the protocol above.
When an opendone happens from a lower protocol, VCONF does a
GETPARTICIPANTS to determine the destination. The key lookup and the
steps that follow then happen as if the open had come from above.
REALM
VCONF is in the ASYNC realm.
PARTICIPANTS
VCONF passes participants to the lower protocols without manipulating them.
When VCONF is opened from above, it uses the first participant to look up the hash prefix
to pass to the lower hash protocol. When opened from below, it uses
the second participant for the same purpose.
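Added example (not x-kernel code and not part of the original page): a Python model of the open sequence described in SYNOPSIS and PARTICIPANTS. All class and function names, the KM table and the addresses are hypothetical; it assumes the hash protocol hashes the prefix ahead of the message bytes, and SHA-1 stands in for the page's SHA.

```python
import hashlib

# Constructed key-manager table: participant address -> key (any length).
KM_TABLE = {"192.0.2.10": b"constructed-key-for-host-10", "192.0.2.20": b"k20"}

class KeyManagerSession:
    """Hypothetical stand-in for a KM session opened on one participant."""
    def __init__(self, participant):
        self.participant = participant
        self.closed = False
    def lookup(self):
        return KM_TABLE[self.participant]  # KeyError if no key is configured
    def close(self):
        self.closed = True

class HashSession:
    """Hypothetical lower hash session (MD5 or SHA) that accepts a prefix."""
    def __init__(self, participants, algo="sha1"):
        self.participants = list(participants)
        self.algo = algo
        self.prefix = b""
    def control_set_prefix(self, prefix):  # models the control operation
        self.prefix = prefix
    def get_participants(self):            # models GETPARTICIPANTS
        return self.participants
    def digest(self, msg):
        # Assumption: the prefix is hashed ahead of the message bytes.
        return hashlib.new(self.algo, self.prefix + msg).hexdigest()

def _install_prefix(lower, participant):
    km = KeyManagerSession(participant)
    try:
        lower.control_set_prefix(km.lookup())
    finally:
        km.close()  # the KM session does not outlive the open
    return lower    # no VCONF session: the caller gets the lower session

def vconf_open(participants, algo="sha1"):
    """Open from above: the first participant selects the key."""
    return _install_prefix(HashSession(participants, algo), participants[0])

def vconf_opendone(lower):
    """Open from below: GETPARTICIPANTS, then the second participant."""
    return _install_prefix(lower, lower.get_participants()[1])

if __name__ == "__main__":
    active = vconf_open(["192.0.2.10", "192.0.2.20"])
    passive = vconf_opendone(HashSession(["192.0.2.20", "192.0.2.10"]))
    print(active.digest(b"hello") == passive.digest(b"hello"))
```

A participant with no entry in the table raises KeyError, so the open fails instead of returning a session with an empty prefix.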
CONTROL OPERATIONS
VCONF passes all protocol control operations unchanged to the lower
protocol. There are no VCONF sessions, hence no session control operations.
CONFIGURATION
VCONF expects to be configured somewhere above a hash protocol (MD5 or SHA)
and directly above a key manager. It accepts arbitrary address types at
open time.
Example of a graph.comp file:
---------------------------------
@;
name=simeth/0;
name=eth protocols=simeth/0;
name=arp protocols=eth;
name=vnet protocols=eth,arp;
name=ip protocols=vnet;
name=md5 protocols=ip;
name=km;
name=vconf protocols=md5,km;
name=udp protocols=vconf;
name=udpcrypttest protocols=udp;
@;
prottbl = ../../../etc/prottbl.nonstd;
---------------------------------
KEYS
There are no special restrictions on keys for VCONF; they may be any length.
See the description for the key manager for example keys.
AUTHOR
Sean O'Malley