Subject: Interaction of Anonymous Terminus and CBS

I am going to add a section on the interaction of the anonymous terminus and CBS into the CBS spec, since that turned out to be a puzzle to solve in the last couple of weeks for our product group.


The questions are these:


If we allow creating links to the anonymous terminus and routing via the anonymous terminus,

  1. how do the tokens in the CBS cache apply to the routing gesture and
  2. how is creating the link to the anonymous terminus authorized?


How we are answering that for ourselves is:

  1. The CBS token cache for the “to” target is formally evaluated each time a message is routed from the anonymous terminus. There’s caching optimization potential here, obviously.
  2. If CBS is being used with no overlaid lower level authN/Z (i.e. SASL ANONYMOUS), we will only permit establishing an anonymous terminus link if there is at least one valid token present in the CBS token cache. The link is permitted to exist for a timespan less than or equal to the latest expiry instant present in the CBS token cache. Updating a token with a later expiry will extend the permitted lifespan of the anonymous terminus link.
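
A minimal model of the two rules in this message, added here as an illustration and not taken from the CBS spec or any broker implementation. The class and method names, the exact-match lookup of the "to" address against the token audience, and expiry as epoch seconds are all assumptions; token signature validation is assumed to have happened before a token enters the cache.

```python
from dataclasses import dataclass, field
from typing import Dict, Optional


@dataclass
class CbsTokenCache:
    """Per-connection CBS token cache: audience (node address) -> expiry instant."""
    tokens: Dict[str, float] = field(default_factory=dict)

    def put_token(self, audience: str, expires_at: float) -> None:
        # A later put-token for the same audience replaces the earlier entry.
        self.tokens[audience] = expires_at

    def anonymous_link_deadline(self, now: float) -> Optional[float]:
        """Rule 2: attach to the anonymous terminus needs at least one valid token.

        Returns None when the attach must be refused (or an existing link
        closed); otherwise the latest expiry in the cache, which bounds the
        link's lifetime. Putting a token with a later expiry moves the deadline.
        """
        live = [exp for exp in self.tokens.values() if exp > now]
        return max(live) if live else None

    def may_route(self, to: str, now: float) -> bool:
        """Rule 1: evaluated for every message, against the message's 'to'.

        Holding an open anonymous-terminus link grants nothing by itself;
        each transfer needs an unexpired token for its own target.
        """
        exp = self.tokens.get(to)
        return exp is not None and exp > now


def demo() -> list:
    # Constructed sample: addresses and instants are made up for illustration.
    cache = CbsTokenCache()
    out = [("attach, empty cache", cache.anonymous_link_deadline(now=0))]
    cache.put_token("queue-a", expires_at=100)
    out.append(("attach, one token", cache.anonymous_link_deadline(now=10)))
    out.append(("send to queue-a", cache.may_route("queue-a", now=10)))
    out.append(("send to queue-b", cache.may_route("queue-b", now=10)))
    cache.put_token("queue-b", expires_at=300)  # extends the link lifetime
    out.append(("deadline after update", cache.anonymous_link_deadline(now=10)))
    out.append(("send to queue-a at t=150", cache.may_route("queue-a", now=150)))
    out.append(("deadline at t=300", cache.anonymous_link_deadline(now=300)))
    return out


if __name__ == "__main__":
    for label, result in demo():
        print(f"{label}: {result}")
```

Note that after t=100 the link stays open on the strength of the `queue-b` token, yet messages addressed to `queue-a` are refused: link lifetime and per-message authorization are separate checks.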



