Warrants and security

To use a service a netlet needs a warrant. This is a small piece of XML which acts as a pass card to the service. The node uses the warrant to find the service: the warrant helps the node find the descriptor, which enables it to bind the service. The warrant could contain the descriptor, but it doesn't have to.

The warrant also contains "account" information. For example, both Harry and his arch enemy Barry could be using the same file storage service from the same ASP. They both have warrants for the service. But Harry's warrant has Harry's account information, so it allows him to access his own files only, and similarly for Barry. Digital signatures prevent tampering, so Barry cannot alter his warrant and get access to Harry's files. See the figure below.

Figure: A warrant is a netlet's pass card to use a service. But not only is it access to a service, it is access to a particular part of the service, or a particular version. Here, two netlets use warrant A to access the same information (the same files, for example) on a service, but another netlet with a warrant B does not have access to those files, even though it can use the same service.
 

Harry's warrant allows his netlets to access the service from anywhere. So one netlet can be given a warrant and send a copy to a second netlet, and that second netlet can then access the same service on the same account.
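The account binding, the tamper check and the copy behaviour described above can be seen together in the following added example, which is not code from the original page or the project. The warrant schema (`warrant`, `service`, `account`, `signature`), the function names and the key are assumptions, and HMAC-SHA256 stands in for the digital signature so that only the Python standard library is needed.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET

# Constructed demo key. HMAC-SHA256 stands in for the digital signature;
# here the issuer and the verifier are both the ASP, so one shared key works.
ASP_KEY = b"constructed-demo-key"

def _mac(service, account):
    # Length-prefix each field so ("ab", "c") and ("a", "bc") cannot collide.
    msg = b"".join(len(f.encode()).to_bytes(4, "big") + f.encode()
                   for f in (service, account))
    return hmac.new(ASP_KEY, msg, hashlib.sha256).hexdigest()

def issue_warrant(service, account):
    """ASP side: build a warrant (hypothetical schema) and sign its fields."""
    w = ET.Element("warrant")
    ET.SubElement(w, "service").text = service
    ET.SubElement(w, "account").text = account
    ET.SubElement(w, "signature").text = _mac(service, account)
    return ET.tostring(w, encoding="unicode")

def verify_warrant(xml_text):
    """Service side: return the account the warrant grants, or None if invalid."""
    try:
        w = ET.fromstring(xml_text)
    except ET.ParseError:
        return None
    service, account, sig = (w.findtext(t) for t in ("service", "account", "signature"))
    if None in (service, account, sig):
        return None
    # Constant-time comparison of the presented and the recomputed signature.
    if not hmac.compare_digest(sig.encode(), _mac(service, account).encode()):
        return None
    return account

def tamper_account(xml_text, new_account):
    """Edit the account field without re-signing, which is all Barry can do."""
    w = ET.fromstring(xml_text)
    w.find("account").text = new_account
    return ET.tostring(w, encoding="unicode")

if __name__ == "__main__":
    harry = issue_warrant("filestore", "harry")
    barry = issue_warrant("filestore", "barry")
    print(verify_warrant(harry))                           # Harry's own account
    print(verify_warrant("" + harry))                      # a copy is just as valid
    print(verify_warrant(tamper_account(barry, "harry")))  # altered warrant rejected
```

The copy verifying is the bearer property the paragraph describes: the signature shows that the ASP issued the warrant, not which netlet is presenting it, so a warrant needs the same handling as any other credential.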

A warrant is evidence of a contract. It is examined by the service to confirm it (the service) can be used. Harry could negotiate with the ASP off-line for access to the service. The ASP would give him the right warrant for the deal they struck, and Harry then passes it to his netlets. Or a netlet could do the contract negotiation itself; it does not matter how it gets the warrant.

If Harry strikes another deal with a rival ASP he gets another warrant. Once he passes this to his netlets, they have a choice of service providers and can switch from one to the other at will.

Nik Silver 2001-10-15