river-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Patrick Wright <pdoubl...@gmail.com>
Subject Re: ServiceRegistrar
Date Mon, 28 Jun 2010 08:16:50 GMT
On Mon, Jun 28, 2010 at 10:11 AM, Tom Hobbs <tvhobbs@googlemail.com> wrote:
> Does this not hook into the security discussions on internet-visible
> services?
> You can satisfy your use case with authorisation levels and just not give
> "everyone" the authority to register services.  To my mind, this seems
> cleaner (although not necessarily better or easier), than having two breeds
> of ServiceRegistrar.

Just a thought--it seems to me you would want to block this on the
client side, to prevent DDOS attacks on the LUS if the LUS is visible
"globally". Block all attempts to register with a locally-generated
and thrown exception (via smart proxy returned by LUS on lookup).


View raw message