[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [DotGNU]Signing Webservices ?
From: |
Norbert Bollow |
Subject: |
Re: [DotGNU]Signing Webservices ? |
Date: |
Fri, 25 Apr 2003 10:53:37 +0200 (CEST) |
> 1. Internal data structures, internal apis, these are going to have a
> different license than the public apis?
Generally speaking, per-API licensing is not a good idea IMO. A given
chunk of code should have a certain license no matter what API you use
to interoperate with it.
(pnetlib and Classpath are exceptions to this rule.)
> 2. As to the validity of a function for execution, is is possible to
> make function calls that are checked by the dotgnu runtime?
Do you mean IL verification, or do you mean checking digital
signatures on chunks of bytecode?
> 3. The penalty for loading must be on the startup, when a webservice is
> registered to run, the validity must be established. The signing idea
> is good.
Yes.
> Basically the person running the server must trust the person writing
> the webservice.
Or someone who is recommending it (this could even be indirect, via a
web of trust).
Greetings, Norbert.
--
Founder & Steering Committee member of http://gnu.org/projects/dotgnu/
Free Software Business Strategy Guide ---> http://FreeStrategy.info
Norbert Bollow, Weidlistr.18, CH-8624 Gruet (near Zurich, Switzerland)
Tel +41 1 972 20 59 Fax +41 1 972 20 69 http://norbert.ch