Difference between revisions of "QKR"
Revision as of 05:19, 20 March 2005
/QKR - Query Key Request
The query key request asks a destination hub to provide a query key that the requesting node can use to securely perform queries. This mechanism ensures that the network cannot be used to direct unsolicited packets to external hosts.
A query key request should be sent to a hub via the connectionless transport if a key is not already available for that hub for the local node address, or if a previously acquired key no longer works or has expired. There is no reason to request a query key via a TCP link.
Upon receiving a query key request, a hub should respond with a query key answer (/QKA) packet if it is willing to supply a query key. The answer packet should be dispatched to the return address indicated in the request packet only, and the allocated key should be locked to that address.
This packet has no payload at the current time.
The QKR packet has one child packet defined at the current time:
/QKR/RNA - Requesting Node Address
A query key may be requested for a node address other than that of the sender, for example when a UDP-firewalled leaf node wishes to acquire a query key for a remote hub that it will route through a locally connected hub. In this case it must request a query key for the node address of a connected hub.
This child is required to ensure that the sender knows its address.
The network address of the requesting node. See Datatypes for more information.
This packet has no known children at the current time.