OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

regrep message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [regrep] [RS Issue] HTTP connection taking longer than TTL


I haven't hashed out a solution as of yet, but I was thinking along the 
lines of adding  optional mutually authenticated SSL to the Federation 
protocol.  This way, all members of a federation would be trusted by 
virtue of their connections to each and other being encrypted using keys 
that are trusted.  Some kind of self signed certificate exchange like is 
done in ebMS might just allow us to cut down some of the processing and 
comm (SSL/TLS can also do some compression) overhead.

As for ways to change http timeout...that is tricky in anything other 
than a controlled network environment -- think proxies and such.

Farrukh Najmi wrote:

> Matt,
> Did you have a solution for this potential problem?
> Can TTL be configured for a web server or web client?
> What options do we have?
> What changes would you suggest for the spec?
> Line 32 69:
> "So queries are routed to n registry instances, and responses are 
> returned to the requesting registry node, signed.  The requesting 
> registry node is expected to verify all signatures then re-sign the 
> response?  I can see cases where this could take longer that the HTTP 
> connection TTL."
> Thanks.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]