分享
 
 
 

RFC49 - Conversations with S

王朝other·作者佚名  2008-05-31
窄屏简体版  字體: |||超大  

NWG/RFC49 Conversations with Steve Crocker (UCLA)

Edwin W. Meyer, Jr.

MIT Project MAC

April 25, 1970

(Both my personal opinions and those that I believe represent a

consensus of the Network Working Group at Project MAC are presented

here. The pronouns "I" and "we" are used to distinguish between

these.)

On April 21 and 23 Thomas P. SKINner and I had telephone conversations

with Steve Crocker at UCLA relating to the network protocol,

specifically regarding our proposal in NWG/RFC46. The following items

were discussed. (I hope that Steve will pardon me if I happen to

misparaphrase him.)

1) Steve stated that he felt that a need for dynamic reconnection would

later be recognized by the network participants. However, because of a

lack of consensus, it will not be included in the initial

implementation. (We at Project MAC favor this approach of not including

it initially.)

2) Steve supported the implementation of the INT network command

described in NWG/RFC46.

This command allows a process that has agreed to accept interrupts over

a socket connection to be reliably interrupted by the process at the

other end. The interrupt causes a process to abey its current execution

and execute a procedure that it has specified as the INT handler. (The

NCP does not specify the INT handler. That is the function of higher

level protocols.)

The INT command is designed specifically for use by a third level User

Control and Communication (UCC) protocol to implement a "quit" signal.

Under such a protocol, both the requestor and the created process agree

that an INT related to a specific socket connection and transmitted over

the NCP control link to the created process is the standard "quit"

signal. The created process provides an INT handler that implements

this "quit" function. (This does not preclude a different

interpretation of INT by other third level protocols.)

Although many systems implement the "quit" as a control character in the

Teletype input stream, systems such as CTSS, Multics, and others

implement it as a 200 ms spacing on the line. We at MAC think that the

first method is an undesirable implementation within the network (while

the second is impossible). I put forth several reasons why (and I think

Steve agreed).

(a) The link over which the quit character is to be transmitted may be

blocked.

(b) While the interrupt is most effectively implemented within the NCP,

it is undesirable for the NCP to place any particular structure on the

data being transmitted. (See discussion below.) This would be required

if the NCP were to scan a data stream for a control character.

(c) Scanning the input stream greatly reduces NCP efficiency in a

subsystem where speed is critical to effective operation.

Steve pointed out that the implementation of INT as a "quit" should not

necessarily preclude a HOST's interpretation of a control character in

the input stream from also acting as a "quit".

3) Steve is opposed both to including the instance tag in the socket

identifier and reserving a null field in the identifier for future

definition. He cited several reasons:

(a) Multiple processes of a single user should be indistinguishable to a

foreign process. (I agree with this in certain cases when processes are

co-ordinated in joint action. But what about the case where two

processes of the same user both want to independently use the network?)

(b) A process wishing to connect to one of a foreign user's processes

does not know the instance tag of the particular process that he wants,

and he can't easily find out.

(c) If an instance tag should later prove desirable it could be added

with some difficulty. (I claim that something as fundamental as the

length of a socket identifier will prove very resistant to change.)

Tom stated that perhaps the low order three bits of the user code could

be reserved for later interpretation as an instance tag. He doesn't

think that a separate field is of great importance.

Steve's arguments seem to have merit. Perhaps Tom's suggestion is the

way to go. I am currently undecided on this matter.

4) We all (Steve and MAC) seem to agree that at the NCP level there

should be no special structure imposed on the data transmitted. To an

NCP all data to be transmitted are bit strings of arbitrary length. One

happy result is that the difficult question of character sets does not

have to be resolved at this protocol level. To include a character set

specification at the NCP level would delay agreement on the protocol and

make this character set more resistant to change. (If there is to be a

standard character set, we prefer ASCII. After all, it is the prefered

standard of our sponsoring organization.)

We also agree with Steve that there should be no optional echoing of

messages at the NCP protocol level. (This is also the position of the

SDC people in RFC44.)

5) Shoshani, Long, and Landsberg also state (RFC33) that they prefer to

align messages to end on a Word boundary as opposed to double padding.

Steve agrees with us in not liking double padding.

6) In our proposal (RFC46) we suggest that RFCs be queued only for open

sockets, that RFCs to inactive or connected sockets are to be

automatically rejected via the CLS command. Steve proposes that RFCs to

these sockets be briefly queued. If the socket remains in an

unacceptable state for a specific interval after the RFCcomes in, it is

rejected. This scheme allows certain types of network command

interaction involving critical races to be implementable. Such a scheme

of limited queueing does not seem unreasonable to me.

7) Steve, Tom, and I discussed strategies for a User Control and

Communication (UCC) Protocol. Steve said that he disliked our UCC

strategy (RFC46) because it requires maintaining two full-duplex

connections to the requestor process and switching between them.

Steve put forth an alternate proposal: a process wishing to create a

user process at a foreign HOST issues RFCs to sockets 0 and 1 belonging

to the user whose process he wishes to create. If these sockets are

inactive, the NCP automatically directs these requests to the foreign

HOST's logger process. The logger accepts connection and performs the

login ritual. If successful, the logger creates a user process and lets

go of the usurped sockets so that the created process may use them to

communicate with the requestor process. (I note that this does not use

reconnection at a network level, since the logger uses sockets belonging

to the ultimate user. However, it does involve internal reconnection.)

Tom and I objected to this because it introduces UCC protocol into the

NCP level. (The NCP must direct all RFCs to inactive sockets 0 and 1 to

a logger process.) I made a quick suggestion that perhaps our two

proposals could be combined such that the requestor issues a

"signalling" RFCto a "signal" socket of the UCC process. The UCC

rejects the RFCbut remembers who is calling. It then tries to connect

two sockets of the process to be created to the requestor's sockets, and

conducts the login ritual through these. Steve liked this and suggested

that I write it up.

Following the conversation, I thought of several disadvantages to this

UCC strategy:

(a) If the control sockets at a created process are limited to 0 and 1,

there is the possibility that a rightful user may not be able to

communicate with a foreign UCC because the UCC already is using those

sockets to communicate with an imposter. The logger will discover this

and turn off the imposter, but this is an aggravating security breach.

A malicious process could issue simultaneous multiple requests to tie up

the sockets and prevent Access to a rightful user. A better solution is

to allow any socket pair of the potential user process to act as the

control path. This permits the UCC to conduct simultaneous

interrogations of competing requestors.

(b) A disadvantage of both Crocker's and the combined UCC is that the

user to be logged in is specified by supplying a socket belonging to a

particular user. The logger must now make the additional check that the

user it is logging in actually belongs to the socket pair it is talking

over. This seems the reverse of the prefered process: to identify a

user and then determine the user code for his socket identifiers.

(c) The user may not know the socket user code of the user he wishes to

log in at the foreign HOST. (After all, there is no basic reason why

the requestor and created processes should have the same user code so

long as the requestor satisfies the foreign logger.)

(d) In the combined strategy, there is no way for the requestor to

specify which socket user code it wants. The only assumption that the

UCC can make is that the requestor process wishes to log in a process

having the same socket user code as itself. (This may not seem very

important, but I envision a scheme in which a local process exists to

allow consoles attached to the local HOST to login at a foreign HOST

without being logged in locally.)

(e) The idea of allowing a process to masquerade within the network as

another process (even with the best of intentions) by using its socket

user code introduces a potentially dangerous security breach. I think

that it should be a basic protocol law that NO PROCESS WHATSOEVER may

request or accept connections or transmit or receive data over a socket

having a user code not its own. This does not apply to an NCP process

which has responsibility for such transmission, nor does it prevent a

priviliged process from closing or rejecting connections between a

foreign process and another local process.

I still think that the UCC proposal we advanced in RFC46 is a good

workable scheme. It does not require socket reconnection (either

eXPressly throughout the network or implicitly within an NCP), nor do

any of the objections raised above apply. The only particular

disadvantage I see is that it requires the requestor process to maintain

and switch between two full-duplex connections. I don't see this as a

serious hindrance. I would like the comments of the network

participants on this point in particular.

Fortunately the UCC is a third level protocol. The second level NCP can

be specified before we reach final agreement on a UCC, provided that the

NCP allows implementation of a workable UCC.

Steve expressed the thought that there need not be an initial standard

UCC, that there might be several UCCs. We at MAC disagree. If we are

all to talk to each other, and not between limited subsets of HOSTs

within the network, there must be an initial standard UCC which

EVERYBODY implements. (Steve is of course correct that there can be

other experimental UCCs also implemented.)

It is theoretically possible for each HOST to provide multiple sets of

software to allow a requestor process to communicate with the loggers at

HOSTs implementing different UCCs. I don't think that it will work this

way in practice. Each HOST will implement the UCC protocol that is most

agreeable to it, and will provide one set of software so that a

requestor process can communicate only with those HOSTs which implement

similar UCCs.

I don't think that there is much enthusiasm at Project MAC for

implementing a non-standard UCC just so we can talk to ourselves. We

want to implement a single UCC supported at all installations, so that

we can log in to all HOSTs using this protocol, and that users at all

foreign HOSTs can log in to us.

[ This RFCwas put into machine readable form for entry ]

[ into the online RFCarchives by Altair Petrofsky 7/97 ]

 
 
 
免责声明:本文为网络用户发布,其观点仅代表作者个人观点,与本站无关,本站仅提供信息存储服务。文中陈述内容未经本站证实,其真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
2023年上半年GDP全球前十五强
 百态   2023-10-24
美众议院议长启动对拜登的弹劾调查
 百态   2023-09-13
上海、济南、武汉等多地出现不明坠落物
 探索   2023-09-06
印度或要将国名改为“巴拉特”
 百态   2023-09-06
男子为女友送行,买票不登机被捕
 百态   2023-08-20
手机地震预警功能怎么开?
 干货   2023-08-06
女子4年卖2套房花700多万做美容:不但没变美脸,面部还出现变形
 百态   2023-08-04
住户一楼被水淹 还冲来8头猪
 百态   2023-07-31
女子体内爬出大量瓜子状活虫
 百态   2023-07-25
地球连续35年收到神秘规律性信号,网友:不要回答!
 探索   2023-07-21
全球镓价格本周大涨27%
 探索   2023-07-09
钱都流向了那些不缺钱的人,苦都留给了能吃苦的人
 探索   2023-07-02
倩女手游刀客魅者强控制(强混乱强眩晕强睡眠)和对应控制抗性的关系
 百态   2020-08-20
美国5月9日最新疫情:美国确诊人数突破131万
 百态   2020-05-09
荷兰政府宣布将集体辞职
 干货   2020-04-30
倩女幽魂手游师徒任务情义春秋猜成语答案逍遥观:鹏程万里
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案神机营:射石饮羽
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案昆仑山:拔刀相助
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案天工阁:鬼斧神工
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案丝路古道:单枪匹马
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:与虎谋皮
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:李代桃僵
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:指鹿为马
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案金陵:小鸟依人
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案金陵:千金买邻
 干货   2019-11-12
 
推荐阅读
 
 
 
>>返回首頁<<
 
靜靜地坐在廢墟上,四周的荒凉一望無際,忽然覺得,淒涼也很美
© 2005- 王朝網路 版權所有