The recipnet.sitegrant file is a binary configuration file that must be present on every site in Reciprocal Net. Every recipnet.sitegrant file is unique and custom-built for the site. It’s not part of the standard software distribution – after you install the recipnet RPM on your server, you’ll need to obtain a recipnet.sitegrant file from the Reciprocal Net Coordinator and place it in your /etc/recipnet/ directory. Only the Reciprocal Net Coordinator can issue these site grant files.
The recipnet.sitegrant file contains important initialization data specific to your site. The most important elements are your site’s unique identification number, your site’s encryption keys, and the identity of the Coordinator. Reciprocal Net is a distributed system and therefore requires that the ID numbers of its data items be unique. Centralized creation of recipnet.sitegrant files by the Coordinator ensures that there are no duplicate site numbers, lab numbers, or sample numbers, and that every site knows how to communicate with every other site. It is important to understand that this file is not intended to be a licensing scheme of any sort – Reciprocal Net is 100% free and open.
It might seem curious at first glance that a recipnet.sitegrant file contains a site’s encryption key pair. Reciprocal Net sites are able to exchange messages with one another across the Internet, and for security reasons, a cryptographic digital signature is added to every message and verified by the receiving site. The key pair is what makes this work. Reciprocal Net does not have mechanisms for encrypting data so that it cannot be read by others in transit (nor does it need them); it only signs messages so that they cannot be tampered with undetected by crackers.
Your site stores its private encryption key in the file recipnet.sitegrant. Therefore, it is important that you secure this file and prevent unauthorized access. At minimum, you should set permissions on this file so that only the user recipnet can read it.
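One way to audit the permission requirement above, as an added example that is not part of the Reciprocal Net distribution. The function name check_sitegrant is hypothetical, the default path and user name are the ones this page gives, and GNU stat is assumed.

```shell
#!/bin/sh
# Added example: audit ownership and permissions of a site grant file.
# Usage: check_sitegrant [path] [owner]
# Defaults follow this page: /etc/recipnet/recipnet.sitegrant, user recipnet.
# Assumes GNU coreutils stat, as found on RPM-based distributions.
# To correct a failure (as root):
#   chown recipnet /etc/recipnet/recipnet.sitegrant
#   chmod 400 /etc/recipnet/recipnet.sitegrant

check_sitegrant() {
    file=${1:-/etc/recipnet/recipnet.sitegrant}
    want_owner=${2:-recipnet}
    rc=0

    # A symlink could lead to a file whose permissions differ from what
    # an administrator sees when listing /etc/recipnet/.
    if [ -L "$file" ]; then
        echo "FAIL: $file is a symbolic link" >&2
        return 1
    fi
    if [ ! -f "$file" ]; then
        echo "FAIL: $file is missing or not a regular file" >&2
        return 1
    fi

    owner=$(stat -c '%U' "$file")
    mode=$(stat -c '%a' "$file")    # octal, e.g. 400 or 644

    if [ "$owner" != "$want_owner" ]; then
        echo "FAIL: owner is $owner, expected $want_owner" >&2
        rc=1
    fi

    # Any group or other bit (mask 077) exposes the private key to
    # accounts other than the owner.
    if [ $(( 0$mode & 077 )) -ne 0 ]; then
        echo "FAIL: mode $mode grants access beyond the owner" >&2
        rc=1
    fi

    if [ "$rc" -eq 0 ]; then
        echo "OK: $file owner=$owner mode=$mode"
    fi
    return "$rc"
}
```

Source the file and run check_sitegrant with no arguments on the server; a non-zero return status means the file needs attention.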
The recipnet.sitegrant file isn’t obscured deliberately, but it does contain a lot of compressed binary data like encryption keys and so forth. There are no settings in this file that affect how your server behaves; all of Reciprocal Net’s configuration parameters are stored in recipnetd.conf, which is human-readable.
Currently the Coordinator function is being performed
by the
We hope to create an automated mechanism at some point in the future for registering new sites and obtaining recipnet.sitegrant files.