History and current perspective.
What information about a key should be available without
invoking the key? (For this section we consider a memory
reference to a memory key to be an invokation as well as
the use of a meter key as a meter.) We have argued that
two node keys can be effectively compared by storing in
slot 0 via one and fecthing slot 0 via the other. If you
get what you stored then you probably have the same key.
No security is thus likely to be compromised by supporting
the direct comparison provided by DISCRM. This argument
fails for two read-only page keys. We have nonetheless have
unleashed DISCRIM and have not yet regretted it.
We suggest here several further key scrutinizing functions
and suggest similar arguments as to their safety.
See (p2,node-cmp) and (p2,keybits) for current functions.
Suppose a new order code on
DISCRIM which took a node key and another key. DISCRIM would
tell whether the other key designated the node and if so
what was its key type and data byte. It has been suggested
that the domain tool should be required here but experiments
like those above seem to reveal that information without
the tools use anyway.
If the above is granted then it
can be argued that the node range should provide the same
service for each of their potential nodes without even having
to guess the CDA of the node since otherwise the range key
holder could do the test with DISCRIM for each node in the
range. See (p2,rel-unspec).