[ticker-dev] ticker-3.0 spec - Replace on Message ID
Ian Lister
ilister at dstc.edu.au
Tue Apr 9 10:23:36 EST 2002
On Tue, 9 Apr 2002, David Arnold wrote:
> Martin> In fact I'd prefer that the replacement option to be key
> Martin> based, so that only the bona fide originator of a
> Martin> notification has the right to recall or change the notif.
>
>using keys could ensure that the replacement message was authentic,
>but this is separate from the replacement mechanism itself, i think?
I don't think the key model is suitable for doing this. (Read: I can't
think how you'd do this without some very bad tradeoff, and even then only
really by putting stuff in the notification too).
That said, keys are in the right direction if you want to do this
securely. The problem is that you need to verify that the sender of the
two messages has the same identity, which points towards sending a public
key as part of the first message and a signature with the same key as part
of the second message. I can't see people implementing this any time soon
:-)
Ian
More information about the ticker-dev
mailing list