[AG-TECH] AG Venue Access Control

Ed Ritenour erritenour at lbl.gov
Wed Aug 13 12:24:49 CDT 2003 

Ivan

Are you making the authorization optional. There are times when you want
meetings open to allow anyone to attend.

Ed

"Ivan R. Judson" wrote:

> Hey Stuart,
>
> Good questions.  What it does is creates an authorization step in venue
> entry. What that means is if you aren't allowed in the venue, you don't get
> to know anything about the contents (including the stream information).
>
> If using dynamic streams this means you don't get to know the stream
> locations or encryption keys (because they're dynamically allocated). If you
> are using static streams, then the addresses could be known. Eventually
> (when the media tools are reasonable) we'll be adding an encryption rollover
> mechanism that issues new keys at an interval (might be random?), so that
> even if you know the stream locations, you won't know the keys to get at the
> data.
>
> Does that make sense?
>
> --Ivan
>
> > -----Original Message-----
> > From: Stuart Levy [mailto:slevy at ncsa.uiuc.edu]
> > Sent: Wednesday, August 13, 2003 10:17 AM
> > To: Ivan R. Judson
> > Cc: ag-tech at mcs.anl.gov
> > Subject: Re: [AG-TECH] AG Venue Access Control
> >
> >
> > On Wed, Aug 13, 2003 at 09:03:58AM -0500, Ivan R. Judson wrote:
> > >
> > > In the "almost ready to tell you about" 2.1 release
> > schedule for this
> > > Friday, we have added functionality that allows you (as the
> > venue or
> > > venueserver administrator) to specify who is allowed in (or not
> > > allowed in). This authorization mechanism will be expanding in the
> > > future, but currently it enables essentially ACL-like
> > control of every
> > > venue.
> >
> > How will it work?  Will it use encryption keys for the
> > streams, or just tell the tools not to start if the wrong
> > site tries to start them? I'm wondering if it's the kind of
> > thing that could be evaded by people who knew the multicast
> > addresses for the venue.
> >
> >     Stuart
> >

--
Ed Ritenour                                                         Phone:
510-486-5754
Data Communications/ Facilities                          Pager: 510-539-1069
Network & Telecommunications Department         Fax: 510-486-7000
             Lawrence Berkeley National Laboratory
             One Cyclotron Road, Berkeley, CA. 94720
                         MS 50E-101

More information about the ag-tech mailing list