Warrant

**Figure:** Warrant structure
$\resizebox*{0.95\textwidth}{!}{\includegraphics{images/warrant.eps}}$

A warrant is a bearer-instrument to establish a service binding. Figure

shows the composition of a warrant. Jtrix defines an XML representation for warrants (see Section

A warrant has the following salient components (cf. Figure ):

Access point: (optional) is either an embedded descriptor or a set of binding URLs which can be used to create a new access point. Optionally, it specifies the account type (internal or external).
Service ID: (optional) is the principal's name and public key. Its presence permits the node-wide reuse of the access point as well as the verification of the netlet descriptor.
Warrant data: (optional) is application-specific data presented to the access point as part of the bind request.
Signature: (optional) can be used to verify the authenticity of the warrant.

A Warrant that does not have access points or service IDs cannot be used to bind a service.

Inside a node, warrants can be passed around without being converted into to XML (using org.jtrix.base.Warrant).

A warrant is invalid if a Signature is present unless service-id/public-key is also present and the Signature can be verified with public-key.

Ulf Leonhardt 2001-08-16