home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Columbia Kermit
/
kermit.zip
/
newsgroups
/
misc.20010921-20020314
/
000338_peter@taronga.com_Thu Jan 31 19:47:38 EST 2002.msg
< prev
next >
Wrap
Text File
|
2020-01-01
|
4KB
|
79 lines
Article: 13176 of comp.protocols.kermit.misc
Path: newsmaster.cc.columbia.edu!panix!nycmny1-snh1.gtei.net!cpk-news-hub1.bbnplanet.com!news.gtei.net!news.maxwell.syr.edu!HSNX.atgi.net!news.kjsl.com!news.usenet2.org!citadel.in.taronga.com!not-for-mail
From: peter@taronga.com (Peter da Silva)
Newsgroups: alt.sys.pdp10,alt.folklore.computers,comp.protocols.kermit.misc
Subject: Re: Internet Kermit Service (was Serving non-MS-word *.doc files)
Date: 1 Feb 2002 00:20:36 GMT
Organization: TSS Inc.
Lines: 61
Message-ID: <a3cn0k$2ro9$1@citadel.in.taronga.com>
References: <3C4A7DF8.2AEC4BD7@trailing-edge.com> <a36pti$2cv$1@watsol.cc.columbia.edu> <a36thl$1dli$1@citadel.in.taronga.com> <a376o2$4ck$1@newsmaster.cc.columbia.edu>
NNTP-Posting-Host: citadel.in.taronga.com
X-Trace: citadel.in.taronga.com 1012522836 93961 10.0.0.43 (1 Feb 2002 00:20:36 GMT)
X-Complaints-To: usenet@taronga.com
NNTP-Posting-Date: 1 Feb 2002 00:20:36 GMT
X-Newsreader: trn 4.0-test72 (19 April 1999)
Xref: newsmaster.cc.columbia.edu alt.sys.pdp10:21205 alt.folklore.computers:288311 comp.protocols.kermit.misc:13176
In article <a376o2$4ck$1@newsmaster.cc.columbia.edu>,
Jeffrey Altman <jaltman@watsun.cc.columbia.edu> wrote:
>In article <a36thl$1dli$1@citadel.in.taronga.com>,
>Peter da Silva <peter@taronga.com> wrote:
>: The client? So I can have it wake up at o-dark-hundred and copy some files
>: between two boxes over a single well-known port?
>If you want a client to run at a specific time you don't need a service
>for that. You can simply use the Scheduled Tasks folder or one of the
>many Run At or Cron style command schedulers.
Frank (or someone) edited out the rest of that sentence, it makes more
sense when it's complete:
| If so, do you have a scriptable client for it that will run as a
| service (or from the scheduler without access to the desktop) under
| NT?
There are too many damn Windows programs that will not run without access
to the desktop (or otherwise refuse to run unless someone is logged in).
>: How about RSA/DSA public keys or equivalent? Kerberos and NTLM require more
>: connectivity between the boxes... if I had an unfiltered connection between
>: the boxes I'd just use Lan Mangler with NTLM authentication.
>Frank left SSL/TLS support. You can use any X.509 certificates (RSA or DSS)
>to establish a pure SSL/TLS or TELNET START_TLS session.
I have only used certificates in the context of a web browser, and they seem
to require access to a CA to complete the process. Can you use certificates
without either end freaking out because they can't verify the damn things?
>We support
>session re-use and client certificate authentication in both the K95
>client and the Internet Kermit Service. For IKS, you need to provide
>a custom DLL to indicate how you want X.509 cert to userid mappings to
>occur and how you want <userid, cert> pairs to be authorized.
Sounds somewhat incomplete (but then the whole certificate infrastructure
has always seemed rather shakey to me).
>: Also, if each public/private key pair is only used between one pair of
>: computers, as in this scenario, revocation is easy. There's only one
>: system that has the public key that needs to have it removed. Of course
>: this could equally well be done using symmetrical encryption with a
>: shared secret, so we're not taking advantage of the full capabililties
>: of public key authentication... we're just taking advantage of the fact
>: that the protocol is implemented in a lot of places so we don't have to
>: reinvent the wheel.
>Someone has to remember to revoke it.
That seems to be a complete nonsequiter. If a certificate is compromised,
someone has to remember to revoke that as well. The only difference is
that you do it by contacting the CA instead of contacting the peer.
--
Rev. Peter da Silva, ULC. WWFD?
"Be conservative in what you generate, and liberal in what you accept"
-- Matthew 10:16 (l.trans)