After some time, I managed to write this list of requirements for Fenrir:
- Efficiency: The protocol must not be above the 5th layer of the ISO/OSI pile and must be a binary one -- no XML.
- Completeness: The protocol must handle authentication, authorization, encryption of the connection.
Flexibility: It must be adaptable to multiple needs:
- multiple streams
- both reliable and _unreliable connections
- both ordered and unordered messages
- both bytestream and datagram transmission
- any combination of the above
- Forward Eror Correction support
- Interoperbility: A developer must be able to use a single library for multiple vendors, without any change (f**k OAuth).
- Federation: As in kerberos, federated authentication must be possible.
- Token-based: We don't like to give our password away too often.
- Nonce-based: I really don't like to keep synchronized clocks between client and server...
- Securely desinged: The protocol must not have any amplification attack. and provide formal proofs.
- multiple authorization levels. We'd like to grant different levels of privilege to different applications.
These are just the main requirements. A lot of other small but important stuff is:
- Reconnect Without big handshakes: - tcp handshake + ssl handshake + OAuth handshake takes a LOT of time, being able to associate once and then reuse the association even after a quick network failure is a good thing.
- Multi-homing support: Possibly dynamic for long connections and mobile clients.
- Mobility support: the connection stays up even if we change IPs.
- Do something about the ridiculous X.509 certificate situation.