Warrant
Figure:
Warrant structure
|
A warrant is a bearer-instrument to establish a service binding. Figure
shows the composition of a warrant. Jtrix defines an XML representation
for warrants (see Section
).
A warrant has the following salient components (cf. Figure
):
- Access point
- (optional) is either an embedded descriptor or a set
of binding URLs which can be used to create a new access point. Optionally,
it specifies the account type (internal or external).
- Service ID
- (optional) is the principal's
name and public key. Its presence permits the node-wide reuse of the
access point as well as the verification of the netlet descriptor.
- Warrant data
- (optional) is application-specific
data presented to the access point as part of the bind request.
- Signature
- (optional) can be used to verify the
authenticity of the warrant.
A Warrant that does not have access points or service IDs cannot be
used to bind a service.
Inside a node, warrants can be passed around without being converted
into to XML (using org.jtrix.base.Warrant).
A warrant is invalid if a Signature is present unless service-id/public-key
is also present and the Signature can be verified with public-key.
Ulf Leonhardt
2001-08-16