DB design document

linas@linas.org linas@linas.org
Wed, 20 Dec 2000 19:27:12 -0600 (CST)


It's been rumoured that Derek Atkins said:
> 
> The problem is that using TCP sockets is completely insecure.  This is
> also a problem with Xlib (which is why many people tunnel X in SSH :)
> We want to avoid over-the-network communications in-the-clear, by
> using encryption.  I would also like to see modular network
> authentciation (ala SSL certs or Kerberos tickets).  This would imply
> we want something like:
> 
>  (sql server <-> sql client <-> gnc_server) ||
> 		<- - -> ||
> 			(gnc_client <-> gnc_engine <-> gnc_ui)
> 
> This way we can encrypt or authenticate the gnc_client to the
> gnc_server, and we still gain SQL independence.  The gnc_server can be
> implemented to talk to any SQL server, but the gnc_client/engine/ui
> need know nothing about the implementation.

Lets reanalyse the requirements. You want security. Why? to run over
the open internet?  If you're running over the open internet, then
maybe there are publically accessible gnc servers all over the place? 
If so, then wouldn't it be best if the client and server talked a
standard protocol, such as OFX, or the open-trading XML, or one of
the other financial/money/b2b xml's?

If there are no public servers, then wouldn't encryption be better
provided by a VPN or other tunneling mechanism?  Why reinvent?

> I've also volunteered to write the gnc_server/gnc_client code,

I suppose I shouldn't discourage, then.

> provided I am given help with providing the APIs that the engine will
> need.

Hmmm. That's hard.

--linas