cookies and internet

Lon Willett Lon.Willett@REDACTED
Thu Jul 12 20:53:29 CEST 2001 

At 19:04 12/07/01, tony@REDACTED wrote:

>The cookie is not sent in the clear!
>Not since open source erlang anyway. The cookie may be generated or pasted in
>by hand either in the .erlang.cookie file or from the command line 
>-setcookie <cookie>
>
>When a node connectes with another node, a challenge is sent from the node 
>connected.
>Then it expects the challenge+cookie md5 sum as return (i.e not in the clear).
>After that the connection is ready to be hijacked ;-)

Oops.  I should have looked more closely.  That's good to hear 
(theoretically, one ought to use a proper MAC, but in this case, a keyed 
hash should serve well enough).  Is the cookie generation also fixed?  Last 
I saw, it was pretty ridiculously weak (although one could always generate 
it oneself, outside of erlang), but again, I didn't delve into the details, 
and certainly not recently.

>I hope we soon can run distribution over SSL.

Is there such a version of erlang available?  I'd be interested.

>>I've been intending to implement a simple version of cryptographically 
>>secured communications for Erlang/OTP, but haven't found the time.  If 
>>someone else is working on this (or wants to), then I'd be happy to share 
>>my ideas.  There are some subtle problems involved in setting up such a scheme.
>>
>>I hope this helps.
>
>I think SSL is the simple way forward.

Maybe.  The SSL code is widely available, and the protocol is well 
analysed.  These are definite pluses.  The minuses are that SSL is 
horrendously complex (and early versions of the protocol were flawed, for 
that very reason), and it is easy to misconfigure, and it usually requires 
an expensive setup (perhaps overly expensive for something like erlang, 
where a node coming up may want to make connections to a large number of 
other nodes at the same time).  Note that since erlang nodes only talk to 
other compatible erlang nodes via their distribution mechanism, there is no 
requirement that the distribution mechanism be "standards compliant"; thus 
it would be reasonable to use a simpler protocol.

>/Tony

Thanks, and sorry about the misinformation,

/Lon

More information about the erlang-questions mailing list