Re: [certi-dev] CERTI wishlist for student projects

[Eric Noulard]

2009/8/29 Gotthard, Petr <address@hidden>:
>
>> Aside from that, I remember that (encrypted) authentication plus
>> (optionally) on-the-wire data encryption had been subject to
> discussion
>> several months ago to allow running an RTIG on a public host.
>
> Oops, I forgot that completely. Thanks for refreshing my memory.

Authenticated connection was experimented in the past using GSSAPI
I don't even know if it's still working.

This task may need some refactoring of the "Socket" base class
in order to ease addition of this kind (just as the Proxy feature).

Jean-Baptiste is working a kind of SocketSHM which would
implement in-shared-memory socket functionnality.
This may be useful in order to
  * boost Federate/RTIA communication and avoid most of the syscall.
  * try to launch RTIA as a thread and not a separate process.

A clean Socket base class that may be refactored out
from that work and previous work.
This socket base class may be used for both
RTIA/Federate communication and RTIG/RTIA communication would be nice.
After that runtime config may indicates whether if we want
secured/encrypted socket (different flavor including ssh tunnel is a
possibility),
going through proxy, going through shared mem etc...
libCERTI may then polymorphically use the appropriate Socket_WhatEver
concrete class.

Just throwing some thought in the dicussion.
-- 
Erk
Membre de l'April - « promouvoir et défendre le logiciel libre » -
http://www.april.org