Path: utzoo!utgpu!news-server.csri.toronto.edu!mailrus!wuarchive!zaphod.mps.ohio-state.edu!samsung!umich!yale!cmcl2!kramden.acf.nyu.edu!brnstnd
From: brnstnd@kramden.acf.nyu.edu (Dan Bernstein)
Newsgroups: comp.protocols.tcp-ip
Subject: Re: auth as a replacement for rpc
Message-ID: <12280:Aug3017:47:0690@kramden.acf.nyu.edu>
Date: 30 Aug 90 17:47:06 GMT
References: <1990Aug29.151341.3999@eagle.lerc.nasa.gov>
Distribution: usa
Organization: IR
Lines: 20

In article <1990Aug29.151341.3999@eagle.lerc.nasa.gov> xxbja@csduts1.lerc.nasa.gov (Betty Jo Armstead) writes:
>  A few days back someone mentioned auth which seemed to be a replacement
>  for rpc.  I am interested in finding out more information about
>  auth.

(I couldn't get mail through to you.)

It isn't a replacement for RPC. It's an entirely different philosophy.
auth is meant for client-server applications; RPC is meant for remote
procedure call applications. The acid test for RPC is whether you know
beforehand what the code on the other end is doing. If you don't, you
should stick to a pure client-server model.

auth was published in comp.sources.unix volume 22. It uses RFC 931 to
identify the user on the remote end, though of course you can run it
without this feature. A companion package, authutil, is in the same
volume; it illustrates various uses of auth. Both packages should work
on any BSD variant.

---Dan