[squeak-dev] [Pharo-dev] [ANNOUNCE] ParrotTalk release/design change considerations

henry henry at callistohouse.club
Wed Oct 25 16:00:09 UTC 2017

I disabled vatId authorization in version 3, located in SessionOperations>>processIWant | SessionOperations>>processIAm:.

I was asked to disseminate my news to Pharo Users, hello there. I was asked to describe ParrotTalk well, provide use cases and adopters of its use. Alright, I will give an attempt.

ParrotTalk is an encrypted connection framework. Currently allowing anonymous 2048-bit key negotiation to establish user-provided encryption cipher and user-provided encoding and decoding, both through a provided SessionAgentMap to a starting SessionAgent server. Please look in the test case ThunkHelloWorldTest for building these maps and running a connection iwth data passing after encryption is established. There is a 4-way negotiation, from ProtocolOffered/Accepted to Go/GoToo. In using RSA 2048 signature validation and DH 2048 primes to establish the key used within the selected Cipher. The Cipher and Encoder are selected by name through the negotiation protocol. Currently three Ciphers are selectable, AESede, DESede, and DES. There are two encoders tested, asn1der, and Bytes. This protocol is described here, in this document.


For as to use cases, this encrypted connection has no third party, man-in-the-middle situation by not using Certificates. As such, this is a tight implementation of NSA-proof encryption without explicit authorization beyond knowledge of a host:port. The use cases involve any communication desired to be encrypted with such high encryption. The support will last my lifetime, so we have a settled solution, here in the third version, provided here. It requires version 111 of Cryptography, as a prerequisite. Both run on Squeak and Pharo.


The current use is with my hubbub system, a promise-based distributed object implementation. I am working to bring ParrotTalk to Java and allow hubbub to operate interdependently between Squeak, Pharo, Java and any other languages which can support ParrotTalk and STON. My latest efforts with hubbub are to bring STON as the Layer 6 encoding. Hubbub depends on eLinda.


Hubbub currently fails to load correctly in Pharo. In Squeak the two ParrotRemoteTestCases: LookupTestCase and OperationalTestCase really screw everything up, do not save an image after running. I never run these tests until I get a better handle of serialization. Currently, do to a shift in progress to STON, the serialization tests fail, just the way we like it. Fix the tests then the system starts to work right.

The shift away from vatId authorization should not adversely affect hubbub, we hope! When STON starts to work, and I think I need to turn off jsonMode, then traffic between vats can start to be analyzed and figure out how resolving is working with redirectors invoked remotely.

- HH

> -------- Original Message --------
> Subject: Re: [Pharo-dev] [ANNOUNCE] ParrotTalk release/design change considerations
> Local Time: October 25, 2017 12:43 AM
> UTC Time: October 25, 2017 4:43 AM
> From: btc at openinworld.com
> To: henry <henry at callistohouse.club>, Pharo Development List <pharo-dev at lists.pharo.org>
> Stephane Ducasse <stepharo.self at gmail.com>
> If I google... parrottalk protocol
> nothing seems related.  So what is ParrotTalk?
> P.S... since this is not "part of" pharo, [pharo-users] would be a better place for discussion than [pharo-dev].
> Could you re-announce there, with some description of use cases and who/where the protocol is used?
> cheers -ben
> On Wed, Oct 25, 2017 at 1:42 AM, henry <henry at callistohouse.club> wrote:
>> Please excuse all the low-level detail, if inappropriate to the discussion. The protocol changes are here specified.
>> - HH
>> On Tue, Oct 24, 2017 at 13:40, henry <henry at callistohouse.club> wrote:
>>> In order to bring ParrotTalk-3.6 support, alongside historical 3.5 support, the frame header stays the same and the processing of the ProtocolOffered would select "ParrotTalk-3.6" to use the compact protocol of
>>> - ProtocolOffered { offered, preferred }
>>> - ProtocolAccepted { accepted }
>>> - IWant|GiveInfo|ReplyInfo { vatId, domain, publicKey, cryptoProtocols, dataEncoders }
>>> - IAm|ReplyInfo { vatId, domain, publicKey, cryptoProtocol, dataEncoder, dhParam }
>>> - Go { cryptoProtocol, dataEncoder, dhParam, signature }
>>> - GoToo { signature }
>>> Using eLinda :
>>> http://www.squeaksource.com/Cryptography/elinda-HenryHouse.14.mcz
>>> Above the FrameBuffer, below the SessionOperations for each version of the protocol, an ELindaSession could be inserted. This session think would have the stacks for each protocol version SessionOperation registered by protocol in a Tuple, for eventual callback. When the ProtocolOffered comes in we publish the tuple frame, with set selected version, to route to the correct SessionOperation to support each version of the protocol.
>>> With a non-specific vatId required, anonymous connections would be supported.
>>> - HH
>>> On Tue, Oct 24, 2017 at 12:52, Stephane Ducasse <stepharo.self at gmail.com> wrote:
>>>> Hi henry thanks for this announce. Can you tell where such protocols are used? Stef On Tue, Oct 24, 2017 at 6:33 PM, henry wrote: > Hi all, > > I am happy to announce the release of version 3.5 of ParrotTalk, for Squeak > and Pharo, found here: > > http://www.squeaksource.com/Cryptography/ParrotTalk-zzz.2.mcz > > It follows this specification: > https://github.com/ZiroZimbarra/callistohouse/blob/master/docs/ParrotTalkFrameDesign-3.5.pdf > > One item of note, in version 3.5, the system connecting to a server, sending > the IWant msg, must know the vatId of the system being connected to. I am > considering changing this to version 3.6 by removing one round-trip in > messaging. Therefore, these messages would be combined: IWant/GiveInfo, > IAm/ReplyInfo. I will keep ProtocolOffered and ProtocolAccepted to allow > eLindaSession to support both versions: 3.5 and 3.6. > > Thoughts please? > > - HH
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squeakfoundation.org/pipermail/squeak-dev/attachments/20171025/9254b26e/attachment.html>

More information about the Squeak-dev mailing list