home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
kermit.columbia.edu
/
kermit.columbia.edu.tar
/
kermit.columbia.edu
/
newsgroups
/
misc.20021006-20030409
/
000116_fdc@columbia.edu_Sun Dec 1 14:26:22 EST 2002.msg
< prev
next >
Wrap
Text File
|
2003-04-08
|
6KB
|
117 lines
Article: 13898 of comp.protocols.kermit.misc
Path: newsmaster.cc.columbia.edu!news.columbia.edu!news-not-for-mail
From: fdc@columbia.edu (Frank da Cruz)
Newsgroups: comp.protocols.kermit.misc
Subject: Re: A Letter to the Kermit Community
Date: 1 Dec 2002 14:25:47 -0500
Organization: Columbia University
Lines: 100
Message-ID: <asdnnr$hr$1@watsol.cc.columbia.edu>
References: <ascn99$pl1$1@newsmaster.cc.columbia.edu>
NNTP-Posting-Host: watsol.cc.columbia.edu
X-Trace: newsmaster.cc.columbia.edu 1038770748 18575 128.59.39.139 (1 Dec 2002 19:25:48 GMT)
X-Complaints-To: postmaster@columbia.edu
NNTP-Posting-Date: 1 Dec 2002 19:25:48 GMT
Xref: newsmaster.cc.columbia.edu comp.protocols.kermit.misc:13898
In article <ascn99$pl1$1@newsmaster.cc.columbia.edu>,
Jeffrey Altman <jaltman@watsun.cc.columbia.edu> wrote:
: Today marks the end of a significant period in my life...
: Looking back over the last eight years it is somewhat incredible to
: think about what was acheived...
:
Anyone who has been following the goings on here since 1995 knows Jeff's
key role in most of it, if only by his over-the-top devotion to 24x7
end-user support:
http://www.columbia.edu/kermit/tsreviews.html
Jeff is an extremely talented and hard-working person; we were lucky to
have him and are unlucky to lose him. Ironically, Jeff's main passion
over the past 5 years or so -- security -- is precisely what should have
sealed our success, yet the market did not respond. Kermit 95 was one
of the first, if not THE first, full-featured Windows communication
software packages to support Kerberos IV, Kerberos V, and SSL/TLS, as
well as the lesser-known Secure Remote Password, each of which offers
MANAGEABLE secure authentication and strong encryption. But it turned
out that, despite the many earlier requests for it, nobody actually wanted
manageable security because it must, indeed, be managed, and instead
flocked towards SSH, which in many ways is a disaster waiting to happen:
http://www.columbia.edu/kermit/sshclient.html#x3.2
This was a setback for us, because instead of concentrating on GUI
development, essential not only in the mass market but also to many of
our potential large licensees, we had to drop everything and add SSH to
K95, which took a year, just so people could keep using K95 in an
environment where Telnet servers were being turned off (rather than
secured) and SSH was suddenly required for terminal connections. We had
expected that at least some of the larger corporations and government
agencies would be more serious about security. Live and learn.
: One of the greatest aspects of my work on Kermit has been that the
: impact of my work has not been limited only to the Kermit product and
: its users. Through Kermit I have participated in the Internet
: Engineering Task Force on numerous working groups and have either
: authored or edited over two dozen Internet-Drafts and RFCs....
:
Shamefully this kind of activity is no longer valued in most workplaces.
Devotion to standards and participation in their evolution rarely
contributes to the bottom line, and are increasingly discouraged if not
punished in these hard times except in the few companies that can still
afford it -- a trend which has consequences for us all.
: ... But overall I believe that Kermit 95 is a
: very good product that in many ways probably does too much. :-)
:
A common theme in the evolution of any software product. It starts out
small and focussed; users request more features; the market makes new
demands (such as SSH); the product becomes increasingly complex and
"bloated"; eventually users begin longing for the good old days when the
product was "lean and mean". But of course they can't go back to the
original release because it lacks certain essential features that were
added later -- a different set of them for each user!
Perhaps our mistake has been to listen too closely to our users and try
too hard to please. Other products tend to displace K95 by offering
users very little in terms of features or choices, and therefore are
perceived as easier for most people to use.
Kermit's strength, however, lies in its ability to be adaptable to
almost any setting; perhaps it is best suited to situations in which
professionals can configure it for end users -- employees or clients of
a company, the population of a university, workers in a government
agency. This is done through its command scripting language, which
allows complex or repetitive procedures (such as EDI transactions) to be
"canned" for use by relatively unskilled workers. I would like to think
the value of this approach will become apparent as we suffer
increasingly through the labor-intensive, error-prone, point-and-click
interfaces that are coming to dominate the workplace and drag down
productivity.
: I still consider myself a member of the Kermit Project even if I am
: not paid to be.
:
I can't predict how much time Jeff can devote to Kermit in the future.
Even if it's only 10% of his normal contribution, that's about a
full-time job for anybody else :-)
But let's not take this as an epitaph for Kermit 95. We have just
released version 2.1, which is totally up to date with all the latest
Kerberos, OpenSSL, and other security libraries, and seems so far to be
quite solid. It's easy to install and easier to use than ever. It's
easier to get too. As long it remains popular I'm sure Jeff won't
forget about it. In any case, we intend to continue to develop and
support it, as we always have done. If that changes, I'll let you know.
Kermit 95 2.1 has just now gone to press. The new shrinkwraps -- which,
for the first time, contain the secure cryptographic version of the
software -- should be available towards the end of December. You can
preorder them at the old price starting today:
http://www.columbia.edu/kermit/k95order.html
Thanks, Jeff.
- Frank