PALLAS@Sushi.Stanford.EDU.UUCP (12/31/86)
Perhaps we can all agree on a few things, and move on to something more productive. Please note the distinction between concept and product, which seems to have been the cause of some hot blood. Sun NFS the concept, supported by Sun RPC the concept, has an open-ended authentication scheme which allows for any number of authentication systems, which may be as secure as current technology allows. Sun NFS the product, supported by Sun RPC the product, provides only one authentication system, which is laughably insecure (but not much less secure than Berkeley's rlogin scheme). Some improvement in the security could be achieved by making client machines more secure, but Sun doesn't currently deliver systems with that improvement. Sun NFS the product is becoming a {\it de facto} standard, with Sun's encouragement. That standard (the product) does not have a non-trivial authentication system. Sun NFS the concept supports only the sequence-of-bytes file model. Sun RPC is not a transport protocol, it is a presentation/session protocol, if you insist on trying to use the ISO model. The model described by Watson in {\it Distributed Systems---Architecture and Implementation} is better suited to this discussion, in my opinion. RPC falls into the "service support sublayer" in that model. Now, the REAL issues are these: 1. Security is important when connecting autonomous systems. 2. Heterogeneous systems tend to present different interfaces to similar services. These are not new ideas; they are, in fact, quite ancient. We should be devoting our efforts to exploring solutions to the problems that are posed by these issues in the context of computer systems and networks. Debating the merits of a particular product is not productive. joe P.S. If there's a factual error in the above, I'd appreciate being informed of it. -------