Client v. Server Side Protocols, Interfaces and Storage
Protocols designed and analysed in the last ten years have focused on how we share keys and how we authenticate one end to the other. They convince Alice that Bob is at the other end of a line, or that Alice and Bob now share a key that is good to communicate over a particular type of channel. The output that the server, the CA, or whatever has told them is, yes, it is Bob at the other end, so it’s fine to go ahead and start talking to him.
I’d like to extend some of this work onto the interface the protocol shares with the application and the data that’s shared on that interface. The idea here is that the protocols that we use are not designed and used in a vacuum. There’s somebody at one end of the protocol who has to use this protocol to support a particular policy within an application, to make sure that a particular piece of data conforms to some part of that policy.
Unable to display preview. Download preview PDF.