Mathematical Mesh: Platform Configuration

This document describes recommended platform specific configuration for Mathematical Mesh applications. The use of common conventions for storage of profiles and private keys allows mesh enabled applications to interoperate on the same machine. Protecting private key material from disclosure to other processes presents complex and difficult technical challenges. Ensuring that a key is properly erased from storage before memory is released relies on a complex series of assumptions about memory management at the compiler, operating system and the platform level. For maximum security, the use of private key storage facilities provided by the platform is preferred.

This section presents the related specifications and standard, the terms that are used as terms of art within the documents and the terms used as requirements language.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 .

The terms of art used in this document are described in the Mesh Architecture Guide .

The architecture of the Mathematical Mesh is described in the Mesh Architecture Guide . The Mesh documentation set and related specifications are described in this document.

The implementation status of the reference code base is described in the companion document .

The catalogs and spools associated with a user's Mesh profiles and accounts are stored in Dare Containers. This section describes the conventions used to describe

host.dare: The CatalogHost container with entries for each Mesh
-udf>.dcat`: The CatalogDevice container for the Mesh with -udf>
-udf>/: Directory containing catalogs for the account -udf>
-udf>/CatalogApplication.dcat: The applications catalog for the account -udf>
-udf>/CatalogContact.dcat: The contacts catalog for the account -udf>

A catalog of DeviceConnection, AdminConnection and PendingConnection entries describing Mesh connections for the device on which the container is hosted.

PendingConnection: Describes a pending request to join a Mesh. This entry SHOULD be deleted once the request is either completed, refused or has expired.
DeviceConnection: Describes a non-administrative connection to a Mesh
AdminConnection: Describes a connection with full administration privileges to a Mesh

Holds the CatalogEntryDevice entries that describe all the devices connected to the Mesh whose UDF fingerprint matches the filename.

Holds application information that is shared across all the administration devices connected to an account.

Holds the contact information corresponding to the account.

Holds recryption entries to be provisioned to a recryption service associated with the account. The entries are encrypted under the public encryption key of the service and indexed under the UDF of the corresponding decryption key.

A combination of file access protections and system locks are used to prevent container data being corrupted through conflicting concurrent access.

Since Dare Containers are append only, the scope for read/write conflict is limited to actions that cause the end of file marker to change. It is thus only necessary for processes to acquire a lock on the file when:
Reading the file to update the last position in the file.
Writing to the file to append an object.

A single system-wide names MUTEX is used. To write to the container, a process MUST acquire the named read MUTEX, performs the write operation and releases it. A process reading the container SHOULD NOT acquire the container MUTEX to determine that the end of file marker is greater than zero or that the end of file marker has moved. A process MUST acquire the container MUTEX to update the value of the end of file marker so as to ensure that any pending write operation has completed. The single lock approach was chosen in preference to more sophisticated approaches involving multiple concurrent read locks because the time to acquire the lock is typically greater than the time required to update the end of file position.

None

TBS