[OpenAFS-devel] [FYI] Review of http://k5wiki.kerberos.org/wiki/Projects/Disable_DES ending February 13, 2009

Dean Anderson dean@av8.com
Mon, 2 Feb 2009 14:21:16 -0500 (EST) 

On Fri, 30 Jan 2009, Jim Doyle wrote:

> 
> Sorry for being such a silent lurker on things I was once very active in :)
> Nice to see everyone again. :)

Hi Jim!  Long time.  

> The DCE Security Server used a snapshot of a late Beta release of MIT
> KRB5. This was maybe 1996 timeframe.  That said, its features were
> limited to KDC functionality. DCE did not implement V4 compatibility,
> nor did it implement the Kadmin Interface. So, any DCE cells still
> "out there" are using very old feature set only KDC functionality.

Good memory.  There are still a few DCE cells out there. A large telecom 
recently needed one fixed.

> > I can see some renewed interest in DCE, particularly if, say, IBM
> > were to opensource Encina, or something like that.
>
> I dont.  It's been over for a long time. Encina open source might have
> been interesting 10 years ago as a strategic move. Too late.

They said that Mach was over in 1995.  Today, the iPhone uses Mach.  
Turns out the performance problems were fixable, it just needed a new
set of developers to realize some things.

>From the CMU mach web page:

  "It's never too late. When it's over, you get to tell the story" 
     --Garrison Keillor

http://www.cs.cmu.edu/afs/cs/project/mach/public/www/mach.html

But lets also not forget, this is the openAFS list, and AFS was
supposedly over long before Mach or DCE were 'over'.

And M$ still relies heavilly on DCE in windows.  So take note that DCE
is actually much more widely used than Java or EJB.  Just not in the
linux/bsd/unix world. Which is kind of odd, really.  Who would have
thought in 1991 that M$ would champion DCE?  I had a bad feeling when I
heard M$ was getting involved, back then.

> Everything I once admired in Encina I now can do with EJB 3, or, need
> be, EJB 2.1. Need durable message queues with transactional semantics,
> need it to be cross platform and cross-runtime?  Apache ActiveMQ, or
> even JBoss Message Queueing.  I build distributed systems all the time
> now - with business logic servers running on multiple EJB containers,
> distributed transactions that span app server domains and databases
> using XA, and thin-clients that are transactionally aware. I can
> authenticate clients to servers with SSL keystores. And it's all
> FREE... It's called Java Enterprise Edition.  Transaction processing
> semantics is now as routine as anything else.
>
> Nonetheless, the DCE opened up the architectural foundation for the
> J2EE. In fact, one of the Founders of JBoss was once a coworker of
> mine at Open Environment Corporation. :)

Yeah, that's why I think DCE will come back. The functions are still
needed, and java isn't what I want them on.

		--Dean


-- 
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net         faster, more reliable, better service
617 344 9000