Re: The Web is more than (conventional) distributed objects: ILU developments

Bill Janssen (janssen@parc.xerox.com)
Thu, 5 Oct 1995 13:33:14 PDT


Since Paul & Craig mentioned ILU, I thought I might bring you all up to
date on what's new with ILU. By the way, I generally agree with Craig's
comments all through the message.

One of the key points mentioned was the need for security in any
WAN-capable distributed system technology:

Excerpts from ext.WorldWideWeb: 4-Oct-95 Re: The Web is more than (c..
Paul Burchard@cs.princet (7015*)

> Craig Hubley writes:
> > A simpler alternative is RPC-based stubs that sit behind
> > proxy objects instantiated by a local library. Use
> > CORBA/ILU when dealing with another object oriented
> > application, but the overhead isn't required when you
> > know your server. Running through insecure brokers
> > might be quite undesirable. I can implement a secure RPC
> > stub easily but it's a horror to write my own secure CORBA
> > implementation. And I'll be damned if my financial apps
> > are going to route their requests through a commercial
> > broker running on someone else's network, in the
> > clear...!

Indeed. What we've done over the summer is to implement a special
`transport' system for ILU that works with the IETF CAT group's Generic
Security Service to provide message protection for packets communicated
between two processes. This protection can include caller and callee
identity verification, message integrity checks, and message secrecy,
depending on which specific security protocol you decide to use with the
GSS. We've implemented Netscape's SSL as one protocol (and yes, we also
noticed the key generation weakness). However, any other security
protocol you may happen to want to use can also be plugged into the GSS,
which is defined as a *generic* interface to security. SSL is fairly
heavyweight in terms of round-trip messages. I can't believe it would
be a good security protocol for the Web.

> > You mean, incorporate the CORBA Common Services and Object Model ?
> > Don't forget that real security implies authenticated encrypted and
> > traffic-mixed requests and responses, which CORBA doesn't have now.
> > Think of it as a parallel to SSL - a 'secure object/method layer'.

CORBA is going to have it soon. ILU has it now.

> > Another reason to offer some DCE-based integration is
> > that it could be rolled out far more quickly than an
> > improved CORBA. DCE-RPC-based tools could easily issue
> > SSL calls instead of insecure socket calls. However
> > producing an object oriented secure layer seems like a
> > major task and a prerequisite to serious commercial
> > applications.

This hasn't been our experience. Once you have an implementation of the
GSS, with some security protocol, it is a small task to fit it into a
properly designed ORB; it may even be less work than would be required
for DCE RPC or ONC RPC.

For more information on ILU, and more details about new things in our
upcoming 1.9 release, please see
ftp://ftp.parc.xerox.com/pub/ilu/ilu.html.

Bill

