Path: utzoo!attcan!uunet!samsung!usc!ucsd!ucbvax!RT-JQJ.STANFORD.EDU!jqj
From: jqj@RT-JQJ.STANFORD.EDU (JQ Johnson)
Newsgroups: comp.protocols.tcp-ip
Subject: Re:  BITNET -- Internet capabilities
Message-ID: <8910261650.AA20747@rt-jqj.Stanford.EDU>
Date: 26 Oct 89 16:50:32 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The Internet
Lines: 29

>>I wish the Internet had BITNET-style sender-initiated file transfer

>The ability of some arbitrary user elsewhere on a network I'm connected
>to to put files in my account without (at least) password protection
>is a security hole.

This BITNET feature is usually implemented as writing the files to a
remote spool area where disk space is charged to the system rather than
the target user, and the target user may retrieve the files or not
within some reasonable time.  As such, it is not any more a security
hole than the ability to send electronic mail to /usr/spool/$USER.  The
key feature that it has which SMTP-based email lacks is a standard
(sort of) for sending non-textual data.  X.400 with its provision for
arbitrary binary attachments may make this BITNET feature obsolete.
But Internet-only users should not be so narrowminded as to think that
ftp is the "one true way" to manage file transfer!

As Ran remarks, security is a problem on the Internet.  One might argue
that it is less of a problem on BITNET because the BITNET world
developed from the paranoid computing-center-production-IBM-mainframe
environment rather than the casual departmental-Unix-workstation
environment.

JQ Johnson                              voice: 415-723-3078
Manager, Special Projects               Internet: jqj@jessica.stanford.edu
Networking and Communications Systems
Pine Hall Rm 125-A 
Stanford University
Stanford, CA 94305-4122