Path: utzoo!utgpu!news-server.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!pacific.mps.ohio-state.edu!zaphod.mps.ohio-state.edu!wuarchive!husc6!cmcl2!kramden.acf.nyu.edu!brnstnd From: brnstnd@kramden.acf.nyu.edu (Dan Bernstein) Newsgroups: comp.protocols.tcp-ip Subject: Re: Are sockets the wave of the future? Message-ID: <8076:Aug2616:42:1890@kramden.acf.nyu.edu> Date: 26 Aug 90 16:42:18 GMT References: <1990Aug25.183437.1@rogue.llnl.gov> <1990Aug26.065346.13988@Solbourne.COM> Organization: IR Lines: 49 In article <1990Aug26.065346.13988@Solbourne.COM> imp@dancer.Solbourne.COM (Warner Losh) writes: > In article > hedrick@athos.rutgers.edu (Charles Hedrick) writes: > >The advantage is that you could move to ISO or anything > >else by changing the lower layers, and the application would not be > >affected. > The disadvantage is that you can't write programs like FTP or sendmail > using the RPC protocol. Not programs that will interoperate with > other FTP's and sendmails, at any rate. auth provides that advantage without that disadvantage! Again, it was designed for client-server applications, unlike RPC. From the README: This package provides two benefits. The first is a secure user-level implementation of RFC 931, the Authentication Server; unless TCP itself is compromised, it is impossible to forge mail or news between computers supporting RFC 931. The second is a single, modular interface to TCP. Programs written to work with authtcp and attachport don't even need to be recompiled to run under a more comprehensive network security system like Kerberos, as long the auth package is replaced. The base package includes authtcp, a generic TCP client; attachport, a generic TCP server; authd, a daemon supporting RFC 931; and authuser, a compatibility library letting you take advantage of RFC 931 from older applications. authutil is a big pile of miscellany illustrating how to use auth. Directories: aport - support programs for authtcp and attachport, making server control easy; clients - various sample Internet clients, including a short shell script implementation of trivial inews (with RFC 931 security, of course); sendmail-auth - a small set of wrappers you can put around sendmail to achieve full username tracking; servers - various sample Internet servers, including a secure fingerd that wouldn't have let RTM in; tam - Trivial Authenticated Mail, a complete mail system in just 200 lines of code; and util - various short utilities that everyone should have. > While RPC is good for some things, it is not the answer to all the > networking problems. Agreed. It was designed for remote procedure call and does that quite reasonably. > Sometimes you just gotta write at a fairly low > level to interoperate with other programs. I don't think this is true: auth's interface is very high level. ---Dan