Path: utzoo!news-server.csri.toronto.edu!rutgers!apple!wrs From: wrs@Apple.COM (Walter Smith) Newsgroups: comp.org.eff.talk Subject: Re: Georgia Tech's Restriction on Internet Access Summary: Trusted hosts are antiquated Message-ID: <50182@apple.Apple.COM> Date: 13 Mar 91 02:46:17 GMT References: <23808@hydra.gatech.EDU> Organization: Apple Computer Inc., Cupertino, CA Lines: 37 Apple uses the "trusted host" scheme. We have a big VAX (apple.com) that speaks to the Internet and transfers mail, and an internal network that is completely separate. To use the Internet you must get an account on apple.com, which usually requires very little effort (at least for R&D employees). Providing a "trusted host" was fine in the ancient (more than five years ago) Internet environment, where mail and remote login was pretty much the entire functionality one could want from a network. However, in the modern Internet, we have progressed beyond such childish 7-bit ASCII games. The most common example I can think of is the X Window System. To connect the window server on my local workstation with a client on the Internet requires the client to initiate a connection with my workstation. In the trusted host scheme, this is impossible, since the client doesn't even know my workstation exists. As Internet technology progresses, I imagine that more services based on such client/server protocols will appear. An institution that follows the remote-login-and-mail-only trusted host model will be preventing its members from using such services. Certainly, there are valid concerns related to loosing thousands of young explorers with Ethernet-equipped PC's onto the Internet. I think, however, that eliminating these concerns by restricting an entire institution to whatever Internet resources can be accessed through one-way Telnet connections may be too extreme a solution. - W P.S. I hope no one takes offense at the phrase "young explorers". I myself am a young explorer with an Ethernet-equipped Macintosh... and a few years ago (at CMU), it was even on the Internet. -- Walter Smith wrs@apple.com, apple!wrs Apple Computer, Inc. (408) 974-5892 My corporation disavows any knowledge of my activities on the network.