Re: Alternate solutions (Was: Re: NFS still has caching problem)

Bryn Paul Arnold Jones (
Thu, 18 Jul 1996 21:28:43 +0100 (BST)

On Wed, 17 Jul 1996 wrote:

> > Do we want to write a whole new filesystem from scratch or just take care
> > of some issues in NFS, for me those would be security and reliability. I
> > think that the more "noble" of the two solutions is to build a new one
> > designed right from the and implemented with security in mind,as well as
> > the replication support, and other features you listed, but do we have
> > time and resources to accomplish the "noble" solution?
> Unfortunately doing the "noble" thing means that you won't
> interoperate with anyone else in the world. If we don't interoperate,
> few people will use it. There is a better way...
> Sun Microsystems is currently working on using GSSAPI (using the
> Kerberos V5 mechanism, but that can be changed) to authenticate and
> protect (integrity and confidentiality) ONC RPC. In fact, someone
> from Sun is presenting this at the Usenix Security Symposium in San
> Jose next week.

Hmm, Sun again. What's wrong with doing the noble thing, and writing a
new nfs ? If we do it well, we'll have something that's easy to use,
is secure, and works well. We'll even give the source away to all who
want it, and as long as we carefully intergrate support for other platform's
diffs in, it'll end up building on anything around, like ssh (mostly) does.

> This new security method could then be used to protect NFS (v2 or v3).
> I think this might be the best course of action: embrace this
> technology and be the first non-Sun platform to support it! That
> would be a coup, wouldn't it?

Sun, Sun, Sun, why do I have to use there products, good as they may be.
They are messing us about with java (current line is "you can have the
1.0.2 source, but we own it, and we even own any binary you get from
it"), and there is no reason why they shouldn't mess us about with this.
Why not make them use our tools for once ....

> -derek

PGP key pass phrase forgotten,   \ Overload -- core meltdown sequence 
again :(                          |            initiated.
                                 / This space is intentionally left   
                                |  blank, apart from this text ;-)