List of Archived Posts

2003 Newsgroup Postings (10/03 - 11/13)

public key vs passwd authentication?

public key vs passwd authentication?

public key vs passwd authentication?

public key vs passwd authentication?

Dual Signature

"Personal Computer" Re: Why haven't the email bobmers been shut down

The IBM 5100 and John Titor

3270 terminal keyboard??

The IBM 5100 and John Titor

The invention of the real-time interrupt

Cracking SSL

Dreaming About Redesigning SQL

Dreaming About Redesigning SQL

CPUs with microcode ?

Poor people's OS?

Dreaming About Redesigning SQL

log on windows xp with smartcard

which CPU for educational purposes?

Dreaming About Redesigning SQL

Dreaming About Redesigning SQL

which CPU for educational purposes?

Is it possible to devise a public-key cipher with no flaws?

foundations of relational theory? - some references for the

Are there any authentication algorithms with runtime changeable key length?

Good news for SPARC

Are there any authentication algorithms with runtime changeable

Good news for SPARC

Controversial paper - Good response article on ZDNet

CYLFAULT

Architect Mainframe system - books/guidenance

Is this right? Question about SSL and PKI

hardware vs software security

NSA chooses ECC

Cray to commercialize Red Storm

Macros and base register question

ftp authentication via smartcard

Cray to commercialize Red Storm

Cray to commercialize Red Storm

Cray to commercialize Red Storm

DASD history

Cray to commercialize Red Storm

When nerds were nerds

When nerds were nerds

When nerds were nerds

IEN 45 and TCP checksum offload

hung/zombie users ... long boring, wandering story

What makes a mainframe a mainframe?

What makes a mainframe a mainframe?

What makes a mainframe a mainframe?

Rant (Re: Programmer's unpaid overtime)

Call-gate-like mechanism

Call-gate-like mechanism

Call-gate-like mechanism

public key vs passwd authentication?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: public key vs passwd authentication?
Newsgroups: comp.security.ssh
Date: Fri, 03 Oct 2003 18:48:41 GMT

Anne & Lynn Wheeler writes:

So what are the advantages of public key over OTP?:

1) digital signature authenticates both the entity as well as the
message and
2) digital signature can operate with message originating from the
sender w/o real time communcation.

original post:
http://www.garlic.com/~lynn/2003m.html#50 public key vs passwd authentication?

as an aside, what is possible worst case scenario for OTP?

lets say

• client doesn't keep any state (other than encrypted password)
• server uses the same password addendas for all accounts
• challenge is predictable
• attacker can both evesdrop and impersonate the server

so the attacker

• evesdrops for a while .... collects some number of (possibly
server-wide) server-side passphrase addendas

• takes to impersonating the server with challenge count of one and
then signals transmission error/drop to the client once the response
has been obtained.

Say the clients current count is actually at thousand, and the client
doesn't track server-side counts ... the attacker (having obtained the
hash for the number one password) now can calculate all of the
(remaining, unused) one-time passwords for that account.

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

public key vs passwd authentication?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: public key vs passwd authentication?
Newsgroups: comp.security.ssh
Date: Sat, 04 Oct 2003 15:11:23 GMT

Michael Sierchio writes:

Here's the thing -- OTPs aren't really a challenge-response
mechanism.  The challenge is entirely predictable, it's the
original salt and the sequence number.  Salt is used only
to permute the algorithm in the case of dictionary attacks
against the passphrase.

There have been claims that the server-side "salt" can also be
different/unique with different servers ... allowing a client to use
the same client-side secret for all servers. Although, in that case,
the client might possibly want to keep a log of all server "salts"
... to guarentee that they are all different.

The vulnerability in the whole OTP scheme with iterative hashes ... is
if any client hash value leaks that is for an iteration less than
currently being used by a server.

the OTP description in the RFC ... has the client with a secret
.... which is combined with something (salt) from the server to form a
kind of password. The idea is that the client can use their same
secret with lots of different servers ... each server providing unique
server salts. The combined client-secret+sever-value is hashed
repeatedly, the secret isn't used as a password ... each hash
iteration is used as a password, just once.

On initialzation, the server provides the server side salt ... and
gets back from the client, the value of the Nth hash. The core of this
is that hashes are one-way functions that can't be reversed.

In the RFC, the description is that the server provides a predictable
challenge, the server-side salt and the count N-1. The client can
have the original client-secret sitting in an encrypted file that is
available by decrypting with a client known passphrase.

Getting the server challenge, the client decrypts the file to obtain
the client-secret (using a client passphrase), combines the
client-secret with the server-side salt, and runs it iteratively thru
the hash function N-1 times. The client then returns the N-1th
iterative hash value as the (unique) response. The server gets the
response, runs the hash function one more time and compares it with
the Nth-iterative hash previously recorded.

If HASH(client response) == recorded hash .... then the server accepts
the client as valid. The server then updates the recorded hash value,
with the n-1 hash value and saves the client's current iterative value
as n-1.

The threat scenario on OTP is to impersonate the server and get the
client to cough up the first iterative hash value (or any iterative
hash value that is lower in sequence than that already being used
between the client and server).

While the original value is dependent on the combination of the
client-side secret and the server-side value .... each OTP is only
actually dependent on the immediately preceeding hash value (as
demonstrated by the mechanism that the server uses to verify the
response). Given that the attacker is able to obtain any earlier hash
value in the sequence ... it never needs to find out the original
client-side secret.

The attack is to impersonate the server and serve up a predictable
challenge to the client with a count of one and the server-side value
(obtained from previous evesdropping). If a server is using the same
server-side value for all clients ... then it only needs to obtain
that value once from a single evesdropping ... and be able to attack
all of that server's clients thru server impersonation ... in each
case spoofing a challenge with a (hash interation) count of one.

As in the previous post:
http://www.garlic.com/~lynn/2003n.html#0 public key vs passwd authentication

• client doesn't keep any state (other than encrypted client-side secret)
• server might use the same server-side salt for all accounts
• challenge is predictable (hash iteration count & server-side salt)
• attacker can both evesdrop and impersonate the server

if the server uses different/unique server-side value for each client,
then the attacker will have to evesdrop at least one transaction for
each client .... otherwise it only has to evesdrop a single client
transaction to get enuf information to impersonate the server for all
that server's clients.

The server impersonation attack is to send the client a challenge with
the server-side value and the hash iteration count of one. Once it has
the client's response for hash-iteration-one .... it can impersonate
the client and provide a valid client response for any valid server
challenge involving a hash iteration count greater than one.

If the client isn't keeping any state .... other than the originally
encrypted client-secret ... then it may never realize that it has been
attacked and spoofed into giving up the first hash iteration value (or
any hash iteration value less than currently being used by the valid
server).

The RFC described OTP such that the client only has to keep the
original client-secret ... and an OTP infrastructure where the same
client-secret can be used with an arbritrary number of different
servers w/o divulging information.

However, if the client isn't keeping any state information, a
questionable server can attack another server (if it has evesdropped
and obtain that server's salt). Instead of sending to the client, its
server-salt and the current count ... it sends the client a different
server's salt and a count of one. It gets back the first iteration
count for the server it is attacking and then signals the client a
transmission error and repeats the challenge/response with its own
salt/count. You might even imagine a black market in (stolen) first
iteration hash values.

The attack is the same whether the client is using the same
client-secret or different client-secrets for all servers .... since
the attack is not dependent on the attacker ever finding out the
client-secret; just the first iteration hash value (or any hash
iteration value, less than the current iteration value used by the
server).

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

public key vs passwd authentication?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: public key vs passwd authentication?
Newsgroups: comp.security.ssh
Date: Sat, 04 Oct 2003 15:51:09 GMT

Michael Sierchio writes:

Always a good idea to know whom you're talking to before
giving privileged information.

The original post:
http://www.garlic.com/~lynn/2003m.html#50 public key vs passwd authentication?

was in response on the side topic of a major problem with the
shared-secret password scheme is the the requirement that the client
has to have a unique shared-secret for every different security domain
(bank, home, employeer, etc) .... otherwise information could leak
allowing one organization to possibly compromise a different
organization.

The assertion was that OTP allowed a client to only have to remember a
single client-side secret .... with the implication that the same
client-side secret could be used in an OTP paradigm and not allow
leakage vulnerabilities between one organization and another
organization (which in the shared-secret paradigm mandates a unique
shared-secret password for each different security domain).

In theory, the server-side/organizational salt provided to the client,
when combined with the client's secret/passphrase (whether it is a two
level scheme with encrypted file decrypted by passphrase or directly
used) then creates a series of OTP values unique to that client/server
combination.

So the first part is to highlight that OTP is vulnerable to server
impersonation ... where somebody knowing a specific server's
value/salt can obtain the first iteration hash value from the client.

The next, is that if the client has no recorded state about each
challenge/response event ... then one security domain can "attack"
another security domain ... by using a challenge formulated to
impersonate a server in another security domain .... getting the
client to leak the first iteration hash.

The original side-thread was whether or not OTP helped in the multiple
security domain environment .... alleviating the existing sever
problem where human isn't equipped to remember unique shared-secret
for every unique security domain; preventing cross-domain
authentication information leakage ... enabling one security domain to
attack a different security domain.

So the response(s):
http://www.garlic.com/~lynn/2003m.html#50 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003n.html#0 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003n.html#1 public key vs passwd authentication?

outlined a vulnerability and exploit based on impersonating a server
and obtaining a first iteration hash value.

so the client can take precautions that it is only talking to some
valid server. however, within the original posting context of cross
security domain leakage of authentication information (requiring
unique shared-secrets for every security domain in the shared-secret
paradigm), can one server impersonate another server as part of a
cross domain exploit for obtaining leaked authentication information
(the context of the original post)? So then the question is does OTP
have any client-side countermeasures and/or awareness that it even
occured.

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

public key vs passwd authentication?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: public key vs passwd authentication?
Newsgroups: comp.security.ssh
Date: Sat, 04 Oct 2003 16:30:08 GMT

... everything i read claimed that OTP was designed as countermeasure
against active evesdropping (of shared-secret passwords).

... everything i read claimed that OTP "challenge" was at least to
address eliminating the client having to keep state information
(didn't have to remember a current server's iternation value ... which
could get out of sync ... or a server-side value/salt).

... the assertion in the original post implied that the
client-passphrase plus server-side value/salt as the basis for the
hash interations .... could be used to address cross security domain
authentication information leakage; enabling the same client-side
passphrase to be used with all servers.

so the question is ... given that there is no client-side state
(getting everything predictably from the server) and OTP is going to be
used as a solution for cross security domain authentication
information leakage .... is there an attack/exploit where a valid
server can impersonate a server in another security domain, obtain the
first iteration hash value ... and the client not be aware that it
happened.

The scenario initially made the claim about anybody being able to
impersonate a server enabling the first iteration hash value exploit.
A possible countermeasure is for the client to only execute OTP
protocol when it knows it is talking to a valid server.

However, the original scenario concerned cross security domain
authentication information leakage .... in which case the attack may
be from a valid sever. The question is then can any valid server
attack the client to obtain authentication information for a different
security domain/server (and the attack go undetected).

The assumption is that any server can evesdrop on the traffic for any
other server (in order to obtain the predictable information for
impersonation).... since theoritically the original purpose of OTP is
a countermeasure for evesdropping threat (if somebody chooses
to eliminate the possibility of evesdropping, then a claim could be
made that the original justification for OTP is also eliminated).

some of the thread pieces:
http://www.garlic.com/~lynn/2003m.html#49 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003m.html#50 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003m.html#51 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003m.html#52 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003m.html#55 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003n.html#0 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003n.html#1 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003n.html#2 public key vs passwd authentication?

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

Dual Signature

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Dual Signature
Newsgroups: alt.security
Date: Mon, 06 Oct 2003 15:10:15 GMT

andyoz77@yahoo.com (Andy) writes:

Could you please help me to find out:

What is a dual signature?
Why is a dual signature required? and
How is a dual signature created?

is this homework?

business/corporate checks frequently have something printed on them
stating that two (or more) signatures are required when the check
amount is above some limit (say $5k).

FSTC when they were defining digitally signed business checks ... and
inventing FSML ... financial signature markup language ... which was
contributed to W3C and invovled into XML digital signature) ... had to
support business check infrastructure of multipe digital signatures.

--
Anne & Lynn Wheeler -  http://www.garlic.com/~lynn/

"Personal Computer" Re: Why haven't the email bobmers been shut down

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: "Personal Computer" Re: Why haven't the email bobmers been shut down
Newsgroups: alt.folklore.computers
Date: Thu, 09 Oct 2003 04:10:44 GMT

Peter Flass writes:

Nice thing about Multics shared segments.  I don't know how unix DSOs
work, but with OS/2 (and presumably windoze) DLLs the entire library is
loaded and occupies shared virtual address space (in all processes) even
when only one routine is needed.  As I understand it, Multics made it
easy to load single segments (every routine is, in effect, automatically
a separate DLL) and the segment was mapped only for processes actually
using it.  I do believe that often segments were bound to create
collections of routines ofen used together.

I did original cp/67 and then vm/370 shared segment enhancements the
same way. The problem on vm/370 was it was limited to 24bit addressing,
specifying 64k segments ... gave possible 256 "segments".

standard VM/370 had a system/priviledge definitions for what was
shared segments .... privilege user loaded stuff into the appropriate
place in their virtual address space ... and issued a privilege
savesys command. Any user then could perform a loadsys and the
appropriate virtual memory tables would be updated to reflect that
they could be sharing the corresponding segments (read/only).

I did a paged map filesystem for CMS ... and put support into CMS to
load standard executables off of CMS page mapped areas ... with
including the ability to specify arbritrary shared segments.
http://www.garlic.com/~lynn/submain.html#mmap

The problem is that the standard 360/370 genre of coding conventions
have fixed addresses in their memory imaged formed (they have stuff
that is called relocatable adcons .... which are addresses that are
swizzeled by the loader when it brings the program off disk into
memory (and therefor the virtual memory image of such applications
are bound to specific virtaul addresses).

The problem with only 256 possible segments and fixed addressing is an
installation could define an arbritrary number of saved systems
at arbritrary, but fixed virtual addresses. The administrative
problems for installations was when they had users that wanted to use
arbritrary combinations of different applications in the same virtual
address space. The installation then had to make sure for different
combinations of applications, they had unique and non-overlapping
addresses. For large installations ... this could quickly lead to
various sitatuons that just weren't possible ... and/or they had
multiple different definitions for the same application ... that
happened to be loaded at different addresses ... and could be used in
various combinations simultaneously with specific other applications
(it wasn't exactly the same as having every shared segment appear in
every virtual address apace ... but the administrative nightmare for
managing non-conflicting virtual addresses for large number of
applications was pretty bad).

This kind of problem is somewhat mitigated in unix environments where
a lot of applications are set up to run in unique/different address
spaces ... with coordinated processing via pipes.

In any case, the infrastructure I had developed allowed CMS to load
shared images at arbritrary virtual addresses. The issue then was if
the same exact shared imaged existed in multiple different virtual
address spaces at different virtual addresses ... the application had
to be free of the traditional 360/370 fixed address paradigm. I
modified some number of applications to be fixed address free ... but
it required modifying the application code ... and then could mark it
for loading at any available free spot in a virtual address space
http://www.garlic.com/~lynn/submain.html#adcon

however, most of the applications tended to be bound to fixed
addresses and so needed to be bound to predetermined address in each
virtual address space it existed in.

--
Anne & Lynn Wheeler   | lynn@garlic.com -  http://www.garlic.com/~lynn/
Internet trivia, 20th anniv: http://www.garlic.com/~lynn/rfcietff.htm

The IBM 5100 and John Titor

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The IBM 5100 and John Titor
Newsgroups: alt.folklore.computers
Date: Thu, 09 Oct 2003 12:09:32 GMT

cstacy@dtpq.com (Christopher C. Stacy) writes:

I thought the 5100 ran most of the 360 instruction set.

some previous 5100/scamp threads
http://www.garlic.com/~lynn/2000g.html#24 A question for you old guys -- IBM 1130 information
http://www.garlic.com/~lynn/2003i.html#84 IBM 5100
http://www.garlic.com/~lynn/2003j.html#0 IBM 5100

--
Anne & Lynn Wheeler   | lynn@garlic.com -  http://www.garlic.com/~lynn/
Internet trivia, 20th anniv: http://www.garlic.com/~lynn/rfcietff.htm

3270 terminal keyboard??

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: 3270 terminal keyboard??
Newsgroups: alt.folklore.computers
Date: Thu, 09 Oct 2003 23:54:58 GMT

Dave Daniels writes:

IBM did a Basic interpreter during the 1980s that I saw
running under CMS. It emulated scrolling a 3270 screen
by redrawing the whole thing. It is obvious that the
developers had never considered people using screens on
9600 bps (or slower) lines. I cannot remember what it was
called - There was VSBASIC, but that was much earlier. The
company I worked for then did not adopt it and I have not
seen it since. Still, VSBASIC was all you needed for
Star Trek (or 'Crumpet Hunt Game', the somewhat less
politically correct version that came about after a
lunchtime trip to the pub).

however there was a lot of work on PVM in the very early 80s with
simulating 3270 using 3101 block mode (ascii screen with some optional
additional bells and whistles) ... typically deployed with 1200 baud
modems.

when PCs came along ... and pcterm with upgrade in PVM to keep state
about what was in the pcterm buffer. PVM tried to understand if it had
transmitted pieces of character strings already and if it might still
be in the pcterm buffer .... in which case it had display controls to
indicate display specific sequence of characters from the buffer
(rather than sending the actual characters).

--
Anne & Lynn Wheeler   | lynn@garlic.com -  http://www.garlic.com/~lynn/
Internet trivia, 20th anniv: http://www.garlic.com/~lynn/rfcietff.htm

The IBM 5100 and John Titor

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The IBM 5100 and John Titor
Newsgroups: alt.folklore.computers
Date: Fri, 10 Oct 2003 22:32:31 GMT

Eric Smith <eric-no-spam-for-me@brouhaha.com> writes:

Even if the 5100 could somehow be modified to run other System/360
software (which would take a lot more than a few "special tweaks",
since as designed the 5100 can only execute the 360 instructions out
of ROM), that STILL would not be sufficient to "read all IBM code
written before the widespread use of APL and BASIC".

And even if it could do *that*, it would not in any way be
particularly helpful in solving the Unix Y2038 problem, which is
what John Titor claimed that he needed the IBM 5100 for.

topic drift .... sometime around 80(?) ... SLAC did a "168E" (i think
it was called); a bit-slice implementation of 360 instructions
sufficient to execute fortran H programs .... supposedly at 370/168
performance.  There were installed at collection locations along the
accelerator to do preliminary data extraction/reduction.

note that at the 5100 pages
http://www.brouhaha.com/~eric/retrocomputing/ibm/5100/
there are a number of additional references, including:
http://www.svec.org/hof/1994.html#friedl

the following from above:

Paul J. Friedl is known by many people as the Father of the Personal
Computer He was the chief architect and inventor of the world.s first
personal computer and also developed the predecessor of the modern
spreadsheet program in 1973, long before personal computers, as we
know them today, were introduced. He christened his computer 'SCAMP'
(Special Computer APL Machine Portable), and it became the father of
the IBM 5100 and the grandfather of the ubiquitous IBM PC, which was
introduced in August 1981, nearly eight years later The original SCAMP
is now in the Smithsonian Institute.

Dr. Friedl's 32-year career with the IBM Palo Alto Scientific Center
as a senior engineer and manager included pioneering work in
industrial process control, laboratory automation, knowledge-based
expert systems, distributed computing, and computer conferencing
systems. He also authored many technical papers and patent
disclosures. He invented the IBM People Sharing Information Network
(PSInet) Computer Conferencing System, which is being used by
kindergarten through 12th-grade educators throughout the country.

... snip ...

Note that the Palo Alto Science Center also had done APL\CMS and the
APL microcode assist for the 370/145. The Cambridge Science Center had
initially done CMS\APL by taking APL\360 and adapting it to CMS, large
workspaces (i.e. more than 32k) and virtual memory (redo of the
garbage collector and storage allocation). APL\CMS was effectively
transferred to STL ... where they adapted it to also run on MVS ...
calling it APL\SV.

This was a big contention leading to APL\SV. The APL purists had that
it was totally free from any operating systems and/or real world
influences. When Cambridge first adapted APL\360 for CMS\APL, they
also added features allowing APL programs to invoke operating system
APIs (doing things like read & write files as well as other operating
system functions). There was a strong reaction that this contaminated
the purity of APL. The "solution" was APL\SV (apl shared variables)
... where the operating system API capability was encapsulated in
something called "shared variables" .... which provided the capability
for APL to deal with the exterior world.

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

The invention of the real-time interrupt

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The invention of the real-time interrupt
Newsgroups: alt.folklore.computers
Date: Sat, 11 Oct 2003 14:31:02 GMT

Rupert Goodwins writes:

Yes, that's how I intended the question to read -- a non-deterministic
physical signal that asynchronously invokes a routine. I've never
fully understood why "software interrupts" are so-called, although
they have some similarities, and surely they were never called that
until hardware interrupts had been invented?

In 360, I/O interrupts and external interrupts not only interrupted
the processor but also allowed for the processor state to be changed
(typically from non-privilege or problem state to privilege or
supervisor state, as part of the interrupt). The (software) supervisor
call interrupts were mapped into the same infrastructure ... not that
they were asynchronous ... but that they relied on the same
architecture/infrastructure for state-change.

The interrupts tended to result in entry into specific location in the
supervisor ... and then the supervisor interrupt handler was
responsible for saving the state at the time of the interrupt ...  and
decoding the meaning of the interrupt .... and invoking some process
to handle that specific interrupt. Turns out from the supervisor side
of interrupt handling ... the semantics were essentially identical
whether it was an asynchronous I/O interrupt, asynchronous external
interrupt or a supervisor call interrupt. In effect, the processing
was identical ... even tho the cause possibly differed by whether it
was software/synchronous or external/asynchronous.

One can conjecture that since the processing appeared identical, there
was a tendency to refer to the paradigms with similar terminology
... even tho the cause for the interrupts differ.

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

Cracking SSL

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Cracking SSL
Newsgroups: sci.crypt
Date: Sun, 12 Oct 2003 13:57:56 GMT

"Roger Schlafly" writes:

Possibly secure, depending on how it is used. As SSL is commonly
used, there are various attacks possible. Eg, most people do not
use client certs, so a man-in-the-middle attack is possible.

SSL was originally designed to address the situation is the server
that I think I'm talking to ... really the server that I'm talking to
... basically countermeasure for some sort of dns and/or ip-address
routing exploit.

basically, the browser has a table of public keys that are trusted by
the client to validate public key certificates for servers.  the
servers basically contain a domain name and a public key.

typically a client browser 1) contacts a server, 2) gets back a server
domain name certificate, 3) the browser validates the integrity of the
server certificate with the public key from the internal browswer
table of trusted public keys and 4) compares the certificate domain
name with the domain name in the URL used to contact the server.

client certificates didn't come along until later. I believe that we
introduced the requirement for client certificates and mutual
authentication before SSL3. This was for the original payment gateway
and we wanted not only that the webserver validated the payment
gateway server (i.e. in the payment transaction with the payment
gateway, the payment gateway has the ssl role of the "server" ... not
the webserver) ... and the payment gateway server validate the
webserver (the webserver is the client of the payment gateway server).
http://www.garlic.com/~lynn/aadsm5.htm#asrn2
http://www.garlic.com/~lynn/aadsm5.htm#asrn3

the rise of aads
http://www.garlic.com/~lynn/x959.html#aads

was in large part having to do end-to-end due diligence on all
business processes related to the original SSL, the uses of SSL, PKIs,
certification authorities, etc and realizing that in (nearly) all (at
least online) cases .... the certificates were redundant and
superfluous duplication of other business operations.

SSL3 with "mutual" authentication (client and server) came along after
the payment gateway stuff and the requirement for "client"
certificates as part of the operation.

Note that the original idea was that SSL would be used for all of the
shopping experience .... from the initial contact of the merchant
website, thru all of the shopping experience, all the way thru
checkount and providing the credit card number.
http://www.garlic.com/~lynn/subpubkey.html#sslcerts

The problem was that the SSL overhead caused a five-fold decrease in
the server shopping capacity ... so eventually SSL was eventually
restricted to just the credit card phase for possibly something like
99.99 percent of the SSL uses around the world today.

So from the standpoint of "commonly used" .... the user may typically
provide the initial, non-ssl URL for the shopping experience ... but
when it comes to the most widely use of SSL ... the user clicks on a
button at the shopping website to enter the SSL environment ... and
most users pay little or no attention to the URL that the button
serves up. A comon exploit is to be at a bogus shopping site (with no
SSL) ... and then have a user hit the checkout button to enter the SSL
session. The URL that the checkpoint at the bogus shopping site
caughs up turns out to be identical to the domain name of the bogus
shopping site ... and of course the SSL validation proves that the
domain name in the (bogus) URL, in fact matches the domain name in the
supplied certificate.

The issue, of course, is that the breadth of MITM protection specified
by the technical SSL description ... is significantly less than the
breadth of MITM exploits available to people wanting to do fraud.  In
some ways, it is like saying that SSL specifies the security of the
bank vault door ... but washes its hands of any issue regarding bank
vault doors being placed in empty fields .... it isn't their fault
that the crooks can walk around the door since there are no walls,
floors, ceilings, etc.
http://www.garlic.com/~lynn/subintegrity.html#fraud

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

Dreaming About Redesigning SQL

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Dreaming About Redesigning SQL
Newsgroups: comp.databases.theory,comp.databases,comp.databases.object,alt.folklore.computers
Date: Sun, 12 Oct 2003 19:01:24 GMT

seunosewa@inaira.com (Seun Osewa) writes:

Quote from
http://www.mcjones.org/System_R/SQL_Reunion_95/sqlr95-Prehisto.html

We knew sort of peripherally that there was some work going on in the
provinces, in San Jose. There was this guy Ted Codd who had some kind
of strange mathematical notation, but nobody took it very seriously.
Ray Boyce was hired at about this time, and we kind of got into this
game called the Query Game where we were thinking of ways to express
complicated queries. But actually before the Query Game started, I had
a conversion experience, and I still remember this. Ted Codd came to
visit Yorktown, I think it might have been at this symposium that Irv
alluded to. He gave a seminar and a lot of us went to listen to him.
This was as I say a revelation for me because Codd had a bunch of
queries that were fairly complicated queries and since I'd been
studying CODASYL, I could imagine how those queries would have been
represented in CODASYL by programs that were five pages long that
would navigate through this labyrinth of pointers and stuff. Codd
would sort of write them down as one-liners. These would be queries
like, "Find the employees who earn more than their managers."
[laughter] He just whacked them out and you could sort of read them,
and they weren't complicated at all, and I said, "Wow." This was kind
of a conversion experience for me, that I understood what the
relational thing was about after that.

... some conjecture that SQL was chosen as a TLA (three letter
acronym) in competition with QBE (query by example) from YKT:
http://www.garlic.com/~lynn/2002e.html#44 SQL wildcard origins?
http://www.garlic.com/~lynn/2002o.html#70 Pismronunciation

i have some memory of QBE presentation in cambridge in the early to
mid 70s ... in advance of some amount of the System/R stuff.

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

Dreaming About Redesigning SQL

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Dreaming About Redesigning SQL
Newsgroups: comp.databases.theory,comp.databases,comp.databases.object,alt.folklore.computers
Date: Sun, 12 Oct 2003 19:13:54 GMT

oops; and other query stuff from the same period ... also done on
vm/370 and cms ... nomad, ramis, focus
http://www.garlic.com/~lynn/2003d.html#15 CA-RAMIS
http://www.garlic.com/~lynn/2003d.html#17 CA-RAMIS
http://www.decosta.com/Nomad/tales/history.html

and of course, 4th floor, 545 tech. sq
http://www.garlic.com/~lynn/subtopic.html#545tech

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

CPUs with microcode ?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: CPUs with microcode  ?
Newsgroups: comp.arch
Date: Mon, 13 Oct 2003 14:40:52 GMT

Eric Smith <eric-no-spam-for-me@brouhaha.com> writes:

IBM zSeries, which is the latest descendant of the System/360,
System/370, 370/XA, ESA/370, and ESA/390 architectures.  AIUI, like the
Intel and AMD processors, the z/Series hardware executes many
instructions without involvement of microcode.  But some of the
instructions are rather complex and would be difficult to execute
without microcode.  (Or a complex state machine, which amounts to the
same thing.)

also the whole infrastructure for mainframe LPARS (logical partitions
.... basically much of virtual machine supervisor moved into the
hardware of the machine). starting with 370/158 there was microcode
assists for the virtual machine supervisor ... this expanded
significantly with later machines .... then almost with SIE, PR/SM,
etc. Then it wasn't that far to move a whole subset of the virtual
machine supervisor into the hardware .... providing for structured
subset partitioning of the machine as independent ... even if the more
functional superset software virtual machine supervisor wasn't even
running.

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

Poor people's OS?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Poor people's OS?
Newsgroups: comp.os.linux.security,linux.redhat,comp.os.linux.misc
Date: Mon, 13 Oct 2003 15:17:17 GMT

Richard Pitt writes:

Commodity hardware has come down in price from several thousands of
dollars for a "reasonable" system to several hundreds of dollars for a
system about 2 orders of magnitude better - a net change of about 3
orders of magnitude in favour of the consumer (1000% better for those
who don't understand magnitudes ;)

minor nit ... "100percent better" is sometimes used to mean double, so
does 110percent mean ten percent better?

one order of magnitude (1 with single zero) is ten times or
1000percent, two orders of magnitude is hundred times (1 with two
zeros) or 10000percent, three orders of magnitude is thousand times (1
with three zeros) or 100000percent.

magnitude    times        percent
1               10           1000
2              100          10000
3             1000         100000
4            10000        1000000

or percent is "times" with two more zeros.

A question is does it become like the automobile or the telephone;
the old stories about telephones and automobiles ... if they were ever
to catch on ... every person would have to become a telephone operator
or a chauffeur; ... in effect they drastically simplified both,
allowing every person to, in fact, operate telephone and/or automobile
w/o needing a separate, specially trained person.

there also has been the whole issue of automobile aftermarket products
and customized automobiles ... or would most consumers eventually come
treat automobiles like appliances.

slight drift .... some conferences have raised the issue regarding the
prevailing, most common software was fundamentlly designed for
relatively disconnected, desktop environment (say dedicated for
stand-alone games) ... dropping it into a high-speed, all-the-time,
7x24, world-wide interconnected environment stresses it in ways that
it was never designed to handle. For systems to operate with integrity
in a specific paradigm ... it typically needs to have the fundamentals
designed/built into from the origin; layering them on afterwards
almost always results in significant faults.

There is some analogy with patches .... there was a industry study of
a TV ad campaign from the late '70s .... where a particular vendor's
copying machine was extremely prone to paper jams. They took out TV
ads highlighting the fact that clearing paper jams in their product
was much easier than in the competition products. However, the TV ads
backfired ... constantly reminding people that the product had paper
jams much more frequently than all other copiers.  The current patch
and virus update operations are somewhat analogous.

misc. discussions to buffer overflows, viruses, explots,
vulnerabilities and fraud:
http://www.garlic.com/~lynn/subintegrity.html#fraud

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

Dreaming About Redesigning SQL

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Dreaming About Redesigning SQL
Newsgroups: comp.databases,comp.databases.theory,comp.databases.object,alt.folklore.computers
Date: Mon, 13 Oct 2003 22:54:11 GMT

pobrien@orbtech.com (Patrick K. O'Brien) writes:

I think over time Relational implementations (various flavors of SQL)
have lost some of the clear advantages they had over languages like
COBOL and systems like CODASYL.  In 1974 we didn't have Python, Java,
C#, etc.  I'm not saying Relational implementations have no advantage
over modern languages and alternative database technologies.  I simply
take issue when Relational advocates make blanket statements about
other technologies (OO and ODBMS) that are not true, or were once true
but no longer are true.

as per previous post:
http://www.garlic.com/~lynn/2003n.html#12 Dreaming About Redesigning SQL

see comment about RAMIS from 1969
http://www.decosta.com/Nomad/tales/history.html A Brief History of 4th generation languages

system/r was done on VM/370 .... before that (1969) RAMIS was done on
modified version of CP/67 (precursor to VM/370) as per above URL. The
modifiedd CP/67 by NCSS was moved to 370 generation machine .... and
its subsequent NOMAD was in direct competition with the FOCUS (another
RAMIS derivative) at Tymshare ... a modified VM/370 offering running
on 370 hardware.

and as previously ... random system/r related stuff
http://www.garlic.com/~lynn/submain.html#systemr

some past references to commercial time-sharing offerings (ncss,
idc, tymshare, etc):
http://www.garlic.com/~lynn/submain.html#timeshare

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

log on windows xp with smartcard

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: log on windows xp with smartcard
Newsgroups: alt.technology.smartcards
Date: Tue, 14 Oct 2003 14:20:00 GMT

Daniel James writes:

Eh? Kerberos doesn't use RSA. (Not sure what MS have done to
it, but vanilla Kerberos is a DES-only system.)

some are implementing kerberos pk-init internet-draft that specifies
public key (rsa and other) .... draft includes specification for
certificate-less-based (i.e. account-base) public key implementations.
misc. kerberos comments
http://www.garlic.com/~lynn/subpubkey.html#kerberos

misc. public key,  account based discussions
http://www.garlic.com/~lynn/x959.html#aads

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

which CPU for educational purposes?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: which CPU for educational purposes?
Newsgroups: comp.arch,alt.folklore.computers
Date: Wed, 15 Oct 2003 18:14:31 GMT

"Glen Herrmannsfeldt" writes:

Which is why IBM's VM system is so useful.  It is much easier to
debug when you have the control that VM gives you over debugging
from the front panel.  Well, in the days when computers actually had
front panels, with switches and lights where you could view and
change data.

a demo i did a couple times .... somebody would claim that they had
secured the system even from me ... I had an outstanding claim that if
i was in the room, it was less then five minutes until total control
over everything. I would flip a couple bits in a conditional branch
instruction, located after the return from the authentication
routine. then, they would always say that I cheated because it had
nothing to do with password guessing and/or any other sophisticated
procedure. took five minutes because i needed to remove any outside
connection to the machine .... because flipping the bits was pretty
drastic.

a specific incident was one weekend I had time on machine someplace
... and one of the other machines in the machine room contained a copy
of the FS documents and specifications ... and they claimed that they had
a bunch of security procedures that I wouldn't be able to get around.
misc. FS references
http://www.garlic.com/~lynn/submain.html#futuresys

(25-30 years ago) I pointed out there were two countermeasures

1) put keylock on the front panel (they eventually moved all of it
into service processor ... and added keylocks and password functions
to the service processor)

and/or

2) provide support for encrypted filesystems with everybody having
their own private key (which just added to the human factors shared-secret overload, although encrypted filesystems are now starting to
show up)

recent post with lots of additional topic drift:
http://www.garlic.com/~lynn/aadsm15.htm#23

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

Dreaming About Redesigning SQL

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Dreaming About Redesigning SQL
Newsgroups: comp.databases.theory,comp.databases,comp.databases.object,alt.folklore.computers
Date: Fri, 17 Oct 2003 23:10:08 GMT

"Jim Mehl" writes:

No, SQL was chosen because Sequel was already a trademarked name.
With regard to QBE, there was a famous comparison test made in
Building 28 between Sequel and QBE. The room had a note on the door
reading OK Corral. Lynn Wheeler's office was downstairs and perhaps
20 feet away. Anyway there was no decision. But I think history has
shown that SQL won out over QBE Jim Mehl

... but it makes a good story ....

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

Dreaming About Redesigning SQL

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Dreaming About Redesigning SQL
Newsgroups: alt.folklore.computers
Date: Sat, 18 Oct 2003 14:31:50 GMT

"Jim Mehl" writes:

Lynn. Are you implying that people on alt.folklore.computers would
actually stretch the truth? Perish the thought. <grin>

it wasn't any claim about choosing SQL vis-a-vis sequel ... it was
only some contention that in choosing a TLA ... they may have wanted a
good TLA like QBE's TLA ... of course s, q, l are the only consonants
in sequel ... so maybe that had a little to do with it also?

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

which CPU for educational purposes?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: which CPU for educational purposes?
Newsgroups: comp.arch,alt.folklore.computers
Date: Sat, 18 Oct 2003 15:04:27 GMT

jmfbahciv writes:

There's a huge difference between system access security
and data access security.  Once upon a time, these two
were the "same" thing because of the way systems and data
were isolated (they were in the room).  With the advent
of cheap PCs, the distinction has to be made.   We didn't have
to think about the distinction very much waybackwhen because
of the hardware setups.

there has been soemwhat long running thread in some other mailing list
about What's Your Threat Model ... aka if you don't know what you
are securing against .... you might actually miss something (or
possibly even fail to accomplish anything). slight part of the thread:
http://www.garlic.com/~lynn/aadsm15.htm#25 WYTM?

one of the earlier issues is that if you are designing a system that
is for purely personal use that isn't connected to anything else
... or at most is connected to a purely local, small, non-hostile
collection of similar machines (aka similar to the purely batch system
in machine room isolation) .... then the protection mechanisms are
going to be totally different than what you would need for a
world-wide, possibly all the time connected, somewhat anarchy, even
being lugged around in quite public places.

the keylock/password on the front panel functions is only a
countermeasure against limited, short term physical attack (aka nobody
is looking for several minutes in the machine room). countermeasure
for longer duration physical attack just about requires physically
securing the actual data ... with one possibility being the encrypted
filesystem scenario.

and even more drift, I think it was somebody at perkin-elmer that did
a custom, locally loadable disk driver for CMS sometime in the
70s. Originally this was targeted at compression and saving disk
space. There were a lot of pundits that believed it would aggravate
CPU utilization. A not too surprising result (in retrospect) was that
it reduced CPU utilization; the increase in CPU utilization performing
the compression/decompression function was more than offset by the
reduced physical blocks that had to be transferred ... and therefor
the reduced CPU use by the I/O routine. I believe at least one of the
encrypting filesystem drivers flowed from this work.

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

Is it possible to devise a public-key cipher with no flaws?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Is it possible to devise a public-key cipher with no flaws?
Newsgroups: sci.crypt
Date: Sun, 19 Oct 2003 15:28:39 GMT

"Panic" writes:

For symmetric ciphers, you generate a totally random key. Hence
there is no structure to the key. With PK ciphers (at least like
RSA), you generate a key according to a formula. This of course
being nessesary for the key-pair to form a
encryption/decryption-key-pair. So for PK ciphers, the key has
structure. And therefor you cant expect key lengths of PK ciphers to
approach the length of symmetric ciphers, no matter how you try.

so a test of structure with PK ciphers ... what is the difference in
the attacks between knowing the public key and never knowing either
key.

A PK business objective of using asymmetric ciphers is allowing one of
the keys to be known ... but if none of the keying material is ever
divulged (as in symmetric key), does that change the attacks? ... aka
compare asymmetric cryptography and symmetric key cryptography on
level playing field using same ground rules regarding no keying
material being divulged; then compare the difference between PK
business process use of asymmetric cryptography that allows some of
the keying material to be divulged (against scenario where no keying
material is divulged).

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

foundations of relational theory? - some references for the

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: foundations of relational theory? - some references for the
 truly starving
Newsgroups: comp.databases.theory,comp.databases.pick,alt.folklore.computers
Date: Wed, 22 Oct 2003 14:43:57 GMT

"Paul Vernon" writes:

http://www-3.ibm.com/software/data/ims/
http://www-3.ibm.com/software/data/ims/presentations/two/imsoverview/index.htm

a.. "More than ninety-five percent of the Fortune 1000 companies use
IMS.  IMS serves 200 million end users, managing over 15 billion
Gigabytes of production data and processing over 50 billion
transactions every day. IMS still owns the high-volume on-line
transaction and database management environment. IMS customers have
been driving their own growth with IMS - over 79 million
transactions were handled by one customer in a single day on a
single sysplex system, 30 Million Trans/Day on a single CEC. 7
million Transactions/ hour and 120 million transactions/day were
handled by another customer. IMS in-house testing has reached over
4000 transactions/sec across TCP/IP to a single IMS on a single
machine (G6). And we have reached 11,246 trans/sec (nearly 1 Billion
trans/day) with IMS Data/Queued Sharing on a 2-CPC Sysplex.. One
large customer has also indicated they have reached over 3000 days
without an outage and another over 2000 days and still going
strong. "

several years ago .... in a meeting with one of the large financial
backbone systems ... they attributed their one hundred percent
availability for the previous six years (aka no outages, either
scheduled or unscheduled):

• ims hotstandby
• automated operator

and since then, I believe they have continued to have one hundred
percent availability.

random past ims hot-standby posts:
ttp://www.garlic.com/~lynn/98.html#35a Drive letters
http://www.garlic.com/~lynn/98.html#37 What is MVS/ESA?
http://www.garlic.com/~lynn/98.html#40 Comparison Cluster vs SMP?
http://www.garlic.com/~lynn/99.html#71 High Availabilty on S/390
http://www.garlic.com/~lynn/99.html#77 Are mainframes relevant ??
http://www.garlic.com/~lynn/99.html#92 MVS vs HASP vs JES (was 2821)
http://www.garlic.com/~lynn/99.html#128 Examples of non-relational databases
http://www.garlic.com/~lynn/2000f.html#12 Amdahl Exits Mainframe Market
http://www.garlic.com/~lynn/2000f.html#54 360 Architecture, Multics, ... was (Re: X86 ultimate CISC? No.)
http://www.garlic.com/~lynn/2001e.html#44 Where are IBM z390 SPECint2000 results?
http://www.garlic.com/~lynn/2001k.html#13 HP-UX will not be ported to Alpha (no surprise)exit
http://www.garlic.com/~lynn/2001k.html#14 HP-UX will not be ported to Alpha (no surprise)exit
http://www.garlic.com/~lynn/2001k.html#18 HP-UX will not be ported to Alpha (no surprise)exit
http://www.garlic.com/~lynn/2001l.html#47 five-nines
http://www.garlic.com/~lynn/2001n.html#3 News IBM loses supercomputer crown
http://www.garlic.com/~lynn/2001n.html#47 Sysplex Info
http://www.garlic.com/~lynn/2001n.html#85 The demise of compaq
http://www.garlic.com/~lynn/2002e.html#68 Blade architectures
http://www.garlic.com/~lynn/2002h.html#73 Where did text file line ending characters begin?
http://www.garlic.com/~lynn/2002o.html#14 Home mainframes
http://www.garlic.com/~lynn/2002o.html#68 META: Newsgroup cliques?
http://www.garlic.com/~lynn/2002q.html#35 HASP:
http://www.garlic.com/~lynn/2003.html#37 Calculating expected reliability for designed system
http://www.garlic.com/~lynn/2003h.html#56 The figures of merit that make mainframes worth the price
http://www.garlic.com/~lynn/2003l.html#11 how long does (or did) it take to boot a timesharing system?

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

Are there any authentication algorithms with runtime changeable key length?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Are there any authentication algorithms with runtime changeable key length?
Newsgroups: sci.crypt
Date: Wed, 22 Oct 2003 18:07:18 GMT

josb4@hotmail.com (jos sulistyo) writes:

Sorry for repeating my own posting. I sent the previous one before
finishing the title! At any rate, I am repeating it with the title
completed. I hope this is not a major breach of any netiquette.
At any case, I am looking for an authentication algorithm, preferably
a public-key type, with the following property: it could, on the run,
change the key length by using only a substring of the original key.
Is there such an algorithm? (Even nicer would be if there are even
downloadable source codes!)
More specifically, let us start with, say, a single long, say, 512-bit
key (or 128, or 40, or whatever). I think there are many algorithm
with such fixed key sizes. Now, however, what I am looking for is one
in which (for instance, through some server <--> client negotiation),
the authentication could be performed using just the first 32 bits (or
the middle 32 bits, or whatever) out of the 512 bits in the original
key, if the server (and maybe the client) agree that somehow they
could use a shorther key. Probably another client which is considered
ok with an even shorter key may authenticate using just 20 bits of
they key.

in general many of the EC/DSA implementations can do adaption to
approved key sizes (aka FIPS186-2, X9.62, etc)

a side issue .... independent of the implementation issues .... (given
an algorithm that supported key substrings) .... is that longer key
sizes are chosen because they are harder to determine. Using
substrings of the long key for shorter versions of the same value
.... exposes the longer key to piecewise discovery (i.e. you are
making pieces of the long key vulnerable to discovery ... negating
reason for having a longer key ...  it is much easier to guess two 40
bit values than it is to guess a single 80 bit value).

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

Good news for SPARC

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Good news for SPARC
Newsgroups: comp.unix.solaris,comp.sys.sun.hardware,comp.sys.intel,comp.arch
Date: Thu, 23 Oct 2003 15:36:20 GMT

"Yousuf Khan" writes:

Fujitsu, for example. Fuji makes their Sparc64 processors, which compete
against Sun's UltraSparc processors. Both are based on the same standard
instruction set.

But as the original posting said, it looks like Fuji and Sun are pooling
their resources together now to combine their processors.

i thot it almost looked like that 10 years ago ... when there was some
amdahl/sun announcement ... but it wasn't clear whatever happened to
that (or was it purely a marketing thing)?

i vaque recollection of 30 some years ago at some auditorium at MIT
where Gene Amdahl was describing what was to be his new company and
there was some amount of heckling from the audience about it
effectively being a fujitsu front.

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

Are there any authentication algorithms with runtime changeable

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Are there any authentication algorithms with runtime changeable
 key length?
Newsgroups: sci.crypt
Date: Thu, 23 Oct 2003 19:00:48 GMT

josb4@hotmail.com (jos sulistyo) writes:

Dear Ann / Lynn:
Thanks a bunch for the response.  At any case, I have several more
questions. So, EC/DSA could use only substrings of the original
keys? Are those substrings treated as separate keys (hence the
algorithms actually support multiple keys), or are they truly
single-key algorithms which could support the option of just using
part of the key?  Also, considering the risk of piecewise discovery,
if we need multiple-length keys, is it better to use multiple keys
(with varying length) somehow, instead of trying to find an
algorithm which allows the use of only part of the key? Or, is it
safer (more secure) to avoid the entire multiple key length idea
altogether?  Thanks again for all responses! Cheers, Jos

i didn't say that ec/dsa could use substrings ... i said that
fips186-2, x9.62 specify multiple key lengths. asymmetric key
algorithms tend to have very complex relationship between the values
of the two keys aka they aren't bit strings but two numbers that tend
to be very large.

What would sort of be implied is that two extremely large numbers can
be converted to bit-strings ... then abritrary subset of the
bitstrings can be taken and then converted back to two (smaller)
numerical values ...  and that those two entirely new & arbritrary
numerical values would also have some complex relationship?

Lets say I have a 100 digit number (A) that has a simple mathematical
relationship to another number (B) ... lets say A is seven times B.
The question is can I taken an arbritrary subset of digits from A and
B ... where all subsets of A will always be seven times all subsets of
B (for all possible A & B subsets and all possible As that are seven
times some B)?

and what I was implying was that if you had need for different key
lengths ... then you needed different keys (and some implementations
require it in any case).

Lets say you have a ISO 14443 card with a chip that does EC/DSA
digital signature authentication in a transit application. ISO 14443
is a standard for proximity cards where the chip doesn't actually have
physical contacts for power but draws its power from RF energy in the
air when in the vacinity of a 14443 reader (power-source). A transit
application tends to have time constraints (i.e. avoid long lines at
turnstyles in metro stations). Longer keys tend to require larger
power-time profile than shorter keys (in contact configuration there
is some trade-off possible between power and time ... i.e. more power
to drive more circuits that would perform move complex operations
faster).

so there is a somewhat general principle about security proporitional
to risk ... a little topic drift:
http://www.garlic.com/~lynn/2001h.html#61

which could imply that stronger security because of higher risk might
require longer keys (and/or other measures).

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/ Internet trivia
20th anv http://www.garlic.com/~lynn/rfcietff.htm

Good news for SPARC

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Good news for SPARC
Newsgroups: comp.unix.solaris,comp.sys.sun.hardware,comp.sys.intel,comp.arch
Date: Fri, 24 Oct 2003 13:27:18 GMT

Alex Johnson writes:

*shock*  IBM consented to use SPARC to design PPC?!  Sheesh.  When I
was in RTP designing the PPC440 core everything, and I mean
EVERYTHING, was Power-based.  All the workstations and batch queues
were RS64 and Power2/3.  At first I was miserable at finding out they
were dumping an old workstation on my desk that ran at a measley 67MHz
(POWER 2) after having a 300MHz Sun Ultra 10 Creator in gradschool (I
had the best machine in my school and the oldest machine at IBM).  Let
me tell you, that crappy old machine cranked out hspice results as
fast as the Ultra 10.  And through loadleveler I had access to 300MHz
POWER 3's.  You couldn't even find a Windows machine to use the
required Lotus Notes application...you had to use WTS.

Just for comparison (I was so impressed):
Sun Microsystems  Ultra 10 300MHz   12.1 SPECfp95 (mine in gradschool)
IBM Corporation   POWER 2   67MHz   10.2 SPECfp95 (mine at IBM)
IBM Corporation   POWER 3 30-40 SPECfp95 (typical new machine in our dept)

i believe in a transition to COTS tools .... quite a few things (that
didn't already run on SUN) were ported to SUN in conjunction with some
activity or another with one of the tool venders. At the time, SUN was
workhorse of design industry and that was what most of the tools ran
on (and what engineers were familiar with). It wasn't until power had
been around for awhile ... you got to see tools showing up on aix.

--
Anne & Lynn Wheeler -  http://www.garlic.com/~lynn/

Controversial paper - Good response article on ZDNet

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Controversial paper - Good response article on ZDNet
Newsgroups: sci.crypt
Date: Fri, 24 Oct 2003 13:43:35 GMT

"George Ou" writes:

I'm sorry to say, but I think you're dreaming here.

Numeric advantage means nothing.  In Gulf War I, the Iraqi tanks out
numbered ours 4 to 1, yet we didn't have a single casualty in our
tank crews.  We only had a hand full of tanks disabled, while nearly
every Iraqi tank was wiped out and a few ran off with their tales
tucked between their legs.  It would not have mattered if the Iraqi
tanks out numbered our Abrams 20 to 1, we would have wiped them out
with minimal casualty and with no help from the air.

Last time I checked, the citizens don't own tanks.

a little drift & counter example ... for that unpleasentness in
europe, tiger had something between 5:1 to 10:1 kp over sherman
... but there were ten times the number of shermans. supposedly there
was an explicit decision to go the cannon fodder route ... which won
but it periodicly had a downside impact on crew morale.

misc. past tiger/sherman posts
http://www.garlic.com/~lynn/99.html#120 atomic History
http://www.garlic.com/~lynn/2000c.html#85 V-Man's Patton Quote (LONG) (Pronafity)
http://www.garlic.com/~lynn/2001.html#29 Review of Steve McConnell's AFTER THE GOLD RUSH
http://www.garlic.com/~lynn/2001.html#30 Review of Steve McConnell's AFTER THE GOLD RUSH
http://www.garlic.com/~lynn/2001m.html#3 mainframe question
http://www.garlic.com/~lynn/2001m.html#10 mainframe question
http://www.garlic.com/~lynn/2001m.html#11 mainframe question
http://www.garlic.com/~lynn/2001m.html#16 mainframe question

supposedly there was a quote from cheney with regard to going into
gulf war II that the big problem was that Boyd had died in '97.

lots of boyd references:
http://www.garlic.com/~lynn/subboyd.html#boyd2
http://www.garlic.com/~lynn/subboyd.html#boyd

--
Anne & Lynn Wheeler -  http://www.garlic.com/~lynn/

CYLFAULT

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: CYLFAULT
Newsgroups: bit.listserv.ibm-main
Date: Fri, 24 Oct 2003 14:09:51 GMT

john.mckown@ibm-main.uiciinsctr.com (McKown, John) writes:

I cannot be sure, but that may refer to a really ancient thing
called the 3850 Mass Storage System (I think that's the name). This
was a combination of DASD and Tape that looked like a 3350 - sort
of. The majority of the data would be sitting on a tape. Portions of
the data would be on the physical DASD. When I/O was done to the
box, the "controller" would see if the track was on DASD. If it was,
the I/O would be directed to that physical track. If it was not,
then the controller would find a "free" track on DASD, look up where
the data was on tape, mount the tape (with a robot mounter), and
read the data onto the physical DASD. If the physical DASD were
"full", it would need to "page out" a physical track onto tape
first. Normally it worked on a track level. But if you specified
"CYLFAULT" (Cylinder Fault), it would know to stage the entire
cylinder that the track was a part of.

This is conceptually like virtual storage. I.e. page faults, backend
storage of inactive data, etc. It was a funny box and not really
very popular. We had the STK equivalent at Braniff Airways back in
the late 1970's, early 1980's. I hated the stinking thing. Tapes
broken, the "x-y" motor which drove the robot tape loader would
become uncalibrated and not be able to select tapes. This caused a
"mount" message on the console and the operator would need to find
the physical tape (small things like a "fat" hotdog) and shove it in
the tape drive. I wouldn't have gone into this, but it is Friday.

looked like 3330 ... on 3330s; there was a later enhancement that
looked like 3330s on 3350 drives. the smallest staging unit was
something like 7 (or 10?) cylinders that was "paged out/in".

some pictures:
http://www.columbia.edu/acis/history/mss.html

misc. past 3850 posts
http://www.garlic.com/~lynn/2001f.html#66 commodity storage servers
http://www.garlic.com/~lynn/2001l.html#54 mainframe question
http://www.garlic.com/~lynn/2001l.html#63 MVS History (all parts)
http://www.garlic.com/~lynn/2002d.html#55 Storage Virtualization
http://www.garlic.com/~lynn/2002g.html#84 Questions on IBM Model 1630
http://www.garlic.com/~lynn/2002o.html#3 PLX
http://www.garlic.com/~lynn/2003b.html#7 Disk drives as commodities. Was Re: Yamhill
http://www.garlic.com/~lynn/2003b.html#15 Disk drives as commodities. Was Re: Yamhill
http://www.garlic.com/~lynn/2003b.html#18 Card Columns
http://www.garlic.com/~lynn/2003b.html#21 Card Columns
http://www.garlic.com/~lynn/2003b.html#29 360/370 disk drives

--
Anne & Lynn Wheeler -  http://www.garlic.com/~lynn/

Architect Mainframe system - books/guidenance

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Architect Mainframe system - books/guidenance
Newsgroups: bit.listserv.ibm-main
Date: Fri, 24 Oct 2003 20:50:54 GMT

thinkers_corner@ibm-main.hotmail.com (Thinkers Corner) writes:

Hello IBM-Mainers,

I have a bit of a situation.  I am applying for a Architect job
posting.  With resume, I am to provide a step-step process list on
how would Architect a Mainframe system and list the references for
my knowledge.

I was wondering if IBM or other companies have a (free) pulication
on how to design/build/Architect a mainframe system.

They are now a very, very, very, very lean shop and do not have the
techical knowledge. The current is very back level of maintenance
and will not meet the drop date of OS 2.10, with 10 lpars, 8 cpus,
CA-1, RACF, DB2, IMS, (HSM that half works) 7/24 (due to medical
processing of records) and is kludge of many systems put together
over 25 years from many buyouts.

I would like to make a fresh start of the platform and then port
each system over such as DB2, IMS, CICS, ...etc. I have build many
application systems and connected them but I never had formal
training on Best of Breed practices on how to design one for
scratch.

This plan must be put together in 3 months or less...

My best guess from the top of my head  is to install

CPU number for 10 lpar with 8 cpus, * 1.25 --> try to reduce this to
8 lpars
Z/OS 1.4 or higher ( so it has parallex Sysplex)
Linux,
VTS,
SAN ( 25 Terabytes)
Hot backup site (Channel extender ?)
DB2
IMS
CICS,
SAS
UCC7 or ..
RACF/TSS

minor digression, this sounds like they need somebody to configure a
mainframe system.

padegs used to own the 360/370 "redbook" ... i.e. the
architecture book for the 360/370/etc ... it was done in CMS script
for a long time with conditionals for the subset that was printed
as the principle of operations publication (the full architecture
redbook had loads of stuff that didn't show up in the PoP)
http://izgudrojumi.lza.lv/eng/izgudrotaji/PadegsA.asp

at about the same time that ricky baum was hired into POK to be
responsible for tightly-coupled (multiprocessor) architecture, my wife
was hired to be responsible for loosely-coupled (aka cluster, sysplex,
etc by any other name) architecture. She invented the peer-coupled
shared data architecture (eventually used in IMS hot-standby and much
later sysplex; we like to say she was only five years old at the
time).

However, there was big problem in those days .... if the word
"communication" showed up any place (even communication between
processors) ... the VTAM team would claim ownership/responsibility.
Fundamentally, VTAM was a terminal control program (one might consider
that the TLA SNA was quite a bit of aggrandizement since 1) it wasn't
a system, 2) it wasn't a network, and 3) it wasn't an architecture).

random multiprocessor topic drift:
http://www.garlic.com/~lynn/subtopic.html#smp

random cluster topic drift:
http://www.garlic.com/~lynn/subtopic.html#hacmp

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

Is this right? Question about SSL and PKI

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Is this right?  Question about SSL and PKI...
Newsgroups: sci.crypt
Date: Sun, 26 Oct 2003 18:05:24 GMT

Ohaya <ohaya@NO_SPAM.cox.net> writes:

1) We work with a CA (let's call them "CA-Commercial") that will be
issuing CLIENT certificates.

2) We can get that CA-Commercial's root certificate (most of them let
you just download them), so I can install CA-Commercial's root
certificate on my server.

3) I can run, say, MS Certificate server (so, I'm "CA-Inhouse"), on an
in-house machine, and create a server certificate, and install that in
my web server (e.g., IIS).

CA-Inhouse doesn't issue client certs, we only use it to issue one
server certificate, just for our server.

From my testing, since we have CA-Commercial's root certificate on our
server, our server will include CA-Commercial in the CertificateRequest
part of the SSL handshake, and then the browser on the client-side will
send its CA-Commercial-issued client cert to our server (recall, our
server only has a server cert issued by CA-Inhouse).

What I was surprised about, in the above scenario, was that the client
authentication succeeded, even though we didn't have a
CA-Commercial-issued server certificate installed on our server.

nominally certificates are for trust propagation (i.e. you have no
knowledge of who you are contacting ... but you trust somebody else
and they issue certificates that supposedly you can trust).

In the case of "loading" a certificate into a table ... you are
bypassing the trust propagation gorp ... and loading the CA's public
key (from the certificate) into a table of trusted public keys. Many
products with SSL support typically ship with some number of trusted
(CA) public keys already preloaded into their trusted public key
table. The majority of the products will accept any certificate that
can be authenticated with some public key in their table of trusted
public keys (whether it was a preloaded trusted public key or a public
key you specifically loaded).

So for the client browser to authenticate the server's certificate ...
it must have the public key of the CA signing the server certificate
(in its trusted public key table) ... or some CA public key from a
trust hierarchy (the CA that signs your server certificate ... instead
of having a self-signed certificate loaded into all the browsers, may
have a CA certificate signed by some other CA ... which in turn has
its public key loaded into the client browswers). So for the client
browswers to authenticate your server .... either 1) the CA
certificate for your MS certificate server (CA-Inhouse) is self-signed
and has been loaded into all the client browser public key tables or
2) the CA certificate for your MS certificate server (CA-Inhouse) is
signed by some other CA which has a public key loaded into the client
browser trusted public key tables.

Similarly for the server to authenticate the client certificates ...
it must have the public key of the CA signing the client certificates
some how (pre)loaded into its table of trusted public keys (or the
public key signing some CA-certificate in the client certificate trust
hierarchy). One purely hypotethical scenario is that the MS
certificate server (CA-Inhouse) has a CA server certificate that is
not self-signed ... but possibly signed by microsoft ... and
microsoft's CA certificate's public key is in the server's table of
trusted public keys. Furthermore it is possible such a microsoft CA
certificate is also not self-signed ... but is signed by some
CA-commercial operation, who's public key is also loaded into the
server's table of trusted public keys. Some such CA-commercial can
also have a common trust root with the entity that is signing the
client certificates.

The implication is that the server will accept as correctly
authenticated any and all client certificates that have been signed by
some validly recognized certifcate authority aka the server doesn't
care what clients are connecting ... just so long as they have
somebody's valid certificate. This may or may not be what you are
really interested in. The client process for a server certificate is
that the person types in a URL and gets back a SSL server certificate
and checks to see if the domain name typed in corresponds with the
domain name in the certificate.

One possibility from your description is that the server isn't
checking to see if the person being authenticated isq actually a
specific trusted person ... but is just checking to see if it is any
random entity with any random valid certificate.

The authentication scenario ... say with RADIUS used by nearly all
ISPs in the world for internet connectivity ... or a web server that
has its client authentication stub to interface to RADIUS is that the
connecting entity claims to be somebody ... which then RADIUS checks
to see if that somebody is in the authentication table. The connecting
entity then authenticates with regard to the claimed somebody with
some authentication material. Then RADIUS typically provides the
authorization information with regard to the authenticated entity.
Most implementations in the world have a password (shared-secret)
registered with RADIUS as authentication information. However, it is
possible to enhance RADIUS to register a public key in place of a
password. The client then performs a digital signature operation for
authentication part of RADIUS ... and the server does a
(certificate-less) digital signature authentication using the public
key registered for the claimed entity.

There is a big different between any client in the world that just
happens to have a valid certificate being allowed access .... and a
client being able to proove that they are a specificly claimed entity
with known access rights.

a little drift with authentication, SSL, PKI, WYTM, MITM, etc
http://www.garlic.com/~lynn/aadsm15.htm#4 Is cryptography where security took the wrong branch?
http://www.garlic.com/~lynn/aadsm15.htm#7 Is cryptography where security took the wrong branch?
http://www.garlic.com/~lynn/aadsm15.htm#8 Is cryptography where security took the wrong branch?
http://www.garlic.com/~lynn/aadsm15.htm#9 Is cryptography where security took the wrong branch?
http://www.garlic.com/~lynn/aadsm15.htm#10 Is cryptography where security took the wrong branch?
http://www.garlic.com/~lynn/aadsm15.htm#11 Resolving an identifier into a meaning
http://www.garlic.com/~lynn/aadsm15.htm#14 Resolving an identifier into a meaning
http://www.garlic.com/~lynn/aadsm15.htm#25 WYTM?
http://www.garlic.com/~lynn/aadsm15.htm#26 SSL, client certs, and MITM (was WYTM?)
http://www.garlic.com/~lynn/aadsm15.htm#27 SSL, client certs, and MITM (was WYTM?)
http://www.garlic.com/~lynn/aadsm15.htm#28 SSL, client certs, and MITM (was WYTM?)
http://www.garlic.com/~lynn/aadsm15.htm#29 SSL, client certs, and MITM (was WYTM?)

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

hardware vs software security

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: hardware vs software security
Newsgroups: alt.computer.security
Date: Sun, 26 Oct 2003 22:58:56 GMT

Leythos writes:

As MANY people have said, a hardware firewall device is a specialized
device build just for one purpose - to act as a firewall. Once you gain
experience with the devices available, you come to 'trust' their
abilities (or you quit using the ones you don't trust) and their
firmware. It's kind of like deciding to use a box end wrench on a nut or
to use a multi-purpose tool on a nut - with the wrench you know that it
will do exactly one job quite well, with the multi-tool there are many
things that it can do that have nothing to do with the job at hand and
those options can screw you in many cases.

there is hardly anything that is pure hardware these days. the biggest
difference between hardware and software firewalls tend to be that the
hardware firewalls are nominally dedicated appliances with "embedded"
system that tends not to allow anything to run but the specific
configured feature (i.e.  somewhat less likely that roque software
gets loaded and executed which might compromise the feature/function
of the firewall).

There are still some common issues like configurability. it used to be
common (going back nearly 10 years) that there was some marked human
factors difference in ease of configuring across different products.

For at least one of the products, it was a common and frequent failure
because of the extreme complexity for filter specification that
resulted in the inverse action of what was expected i.e. specifically
permitting things that were expected to be not allowed.  There has
sometimes been some human factors studies about failing gracefully
... but this was so complex and was prone to failing in the worst
possible way (doing the exact opposite of what was intended).

While hardware appliances might be less susceptible to roque software
... there might be some slight tendency for their ease-of-use &
ease-of-configuration to be worse than general purpose software
possibly aggravating configuration related mistakes.

As a result there has been some tendency to offload configuration
related activities for hardware appliances to more general purpose
platforms ... which then makes them software vulnerable to roque
software with regardd to configuration operations. The other avenue is
to eliminate as much of the configuration flexibility as possible.

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

NSA chooses ECC

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: NSA chooses ECC
Newsgroups: sci.crypt
Date: Mon, 27 Oct 2003 02:40:53 GMT

"Roger Schlafly" writes:

A pretty silly assertion. The US govt had already endorsed DSA,
Diffie-Hellman, and RSA. Obviously with NSA backing.

fips186-2, ec/dsa, x9.62 ... and the approved curves (see multiple
references on following page)
http://csrc.nist.gov/cryptval/dss.htm

both RSA and ec/dsa specifications are taken from X9 standards.

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

Cray to commercialize Red Storm

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Cray to commercialize Red Storm
Newsgroups: comp.arch
Date: Tue, 04 Nov 2003 12:09:26 GMT

nmm1@cus.cam.ac.uk (Nick Maclaren) writes:

Unfortunately, I cannot provide references, but the last is VERY
different from the situation that we found in the 1970s.  The reason
is pretty clearly that most mainframe systems supported streaming
sequential I/O as primary, whereas the Unix model implements it as
a way of using cached direct access I/O.

one of the changes that started to appear by the late 70s was the
over abundance of memory.

A related impact this had was in managing multi-tasking levels and the
associated virtual pages in a virtual memory environment.

During the late '60s and much of the '70s ... only very highly
recently used tended to remain in real storage. Very high speed
streaming paging devices were used to quickly move pages into and out
of memory.

By the late 70s two things were starting to happen:

1) cpus were getting faster, much faster than the paging device
   technology was getting faster (by factor of between 5-10)
2) significant increase in available memory in common configurations

because of #2, virtual page resident lifetimes became much longer
... even for relatively lightly used virtual pages. it was a good
thing because the paging device technology wasn't keeping up with
demand to move pages in/out of real storage.

in some sense during the '60s and '70s, i/o capacity was being used to
compensate for real storage bottleneck. by the late '70s, the
bottleneck was shifting from memory to i/o ... and you started to see
the use of real storage to compensate for the emerging I/O
bottleneck. This was somewhat assisted by the use of cpu caches
.... much larger, less expensive memory technology could be used as
processors got faster (i.e. large storage memory technology speed
didn't have to tract processor speed).

there are still some fundamental filesystem trade-off issues for
things that might have high re-use probability and benefit from being
cached ... vis-a-vis things that have little or no probability of
being re-used. A single cache/copy filesystem paradigm can benefit
high probability re-use data ... but degrades (compared to direct
transfer) for low probability re-use data.

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

Macros and base register question

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Macros and base register question
Newsgroups: bit.listserv.ibm-main
Date: Tue, 04 Nov 2003 12:34:45 GMT

vxp@ibm-main.sympatico.ca (Vic Petrone) writes:

Hello,

Does anyone know if there is an assembler macro instruction that
will return the base register number of a given field name (ordinary
symbol)?

Thanks,
Vic

there were at least one set of macros done off the h-assembler
slac-mods in the 70s ... which used a macro for generating the using
statement ... and you could query what registers were currently being
"using". However, that didn't directly get you to a specific field.

In the early '70s, I had done a program (written in pli) that tried to
do a detailed analysis of assembler program from the listing output
... it tracked register use in generated instructions and (tried to
do) correlated registers generate for addressing with the fields,
recognize possibly dead code, detailed flow analysis, recognize
if/then/else structures .... and tried to generate equivalent
high-level pseudo code.

One of the issues ... w/o implementing a full assembler ... just
analysing the listing file didn't identify what structure a particular
field was part of (although the generated code in the listing file did
show which register was being used for addressability).

I also adopted it to work with the tss/360/370 assembler. The listing
outputs were similar but the tss/360 assembler added the csect/dsect
id as prefix to the storage displacement field i.e. in the hex code
... instead of just giving the storage displacement that corresponded
to a variable field .... it would give the csect/dsect id of the
structure that the variable was part of. Then just go to the table of
csects/dsects and get the name of each structure that corresponded to
the displacement id-identifier.

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

ftp authentication via smartcard

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: ftp authentication via smartcard
Newsgroups: alt.technology.smartcards
Date: Tue, 04 Nov 2003 23:05:52 GMT

"red" writes:

Anybody have any experience with this?  I'm considering writing my
own AUTH mechanism for handling authentication and would like to
conform to any existing protocols that may exist beyond GSSAPI.
Googling didn't return anything concrete -- are there no such
protocols considered to be "standard"?

look at whole genre of gss-api/kerberos stuff on multiple
platforms... also look at pc/sc (windows platforms and others) for
interface between smartcards and authentication infrastructure.

kerberos related stuff, start at
http://www.garlic.com/~lynn/rfcietff.htm

and under RFCs listed by select Term (term->RFC#)

it is possible to select "GSS" in the Acronym fastpath:

generic security service  (GSS)
 see also network services , security
 3645 2853 2744 2743 2623 2479 2478 2203 2078 2025 1964 1961 1509 1508

it is also possible to scroll down to "Kerberos"

kerberos
 see also authentication , security
 3244 3129 2942 2712 2623 1964 1510 1411

clicking on a RFC number brings up the RFC summary in the lower
frame ... clicking on the ".txt=nnnn" in the RFC summary retrieves
that actual RFC.

misc. other kerberos references:
http://www.garlic.com/~lynn/subpubkey.html#kerberos

you can try search engine on "PC/SC" and "kerberos"; one such
reference that comes up is
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/topics/smrtcard/smrtcdcb/sec1/smartc03.asp

... another search engine hit:
http://www.citi.umich.edu/u/honey/talks/mcard-99-march/tsld027.htm

you might find the muscle website of interest:
http://www.linuxnet.com/

also try looking at ssh support for smartcards (and sftp). search engine
for "ssh" and "smartcard" ... one such search hit:
http://www.ssh.com/products/tectia/client/specifications.html

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

Cray to commercialize Red Storm

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Cray to commercialize Red Storm
Newsgroups: comp.arch
Date: Wed, 05 Nov 2003 00:00:39 GMT

"Bill Todd" writes:

I'm afraid that I can't find any distortion of the historical record
in the statement which you quote above, merely an assertion that if
TCP had been designed differently it would be - different.  Plus an
implication that this different design would have been superior to
the existing one, though of course that's far more subject to
debate.

in the late '80s, there was quite a bit of work on some of this
related to XTP ... which had quite a bit of its support from SGI
... and some of the engineers that worked on pipelined graphics
processing. one of the issues was forcing the checksum from the header
to the trailer ... since if you were using pipeline for calculating
the checksum ... the header would be long gone by the time the
checksum had been calculated. some URLs from search engine on
xpress transport protocol:
http://www.ca.sandia.gov/xtp/xtp.html
http://www.ca.sandia.gov/xtp/biblio.html

an offshoot of the SGI/XTP standardization work was a company called
protocol engines that designed a chip that did both XTP and TCP
protocol acceleration. a couple misc. refs from search engine:
http://citeseer.nj.nec.com/context/21683/0
http://www.mentat.com/xtp/xtpdata.html
http://www.prz.tu-berlin.de/docs/html/prot/protocols/collaboration.html

one of the other design objectives was to be able to go directly
between application address space and the protocol chip with no buffer
copies (but possibly page fixing).

one of the issues was that an attempt was made to push it as "HSP"
(high speed protocol) in ANSI/iso x3s3.3. However, it basically went
directly from the transport interface to the LAN MAC interface.  iso
(and ansi) had a dictate that nothing could be standardized that
violated the OSI model. Since HSP/XTP bypassed the traditional level
3/4 interface ... it violated OSI ... it also violated OSI by talking
to LAN MAC interface (the problem being that LAN MAC sits somewhere in
the middle of OSI level 3 ... and so anything that interfaces to MAC
interface by definition violates the OSI model).

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

Cray to commercialize Red Storm

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Cray to commercialize Red Storm
Newsgroups: comp.arch
Date: Wed, 05 Nov 2003 14:56:06 GMT

jonathan@Pescadero.DSG.Stanford.EDU (Jonathan Stone) writes:

[XTP]

And there was a ... let's say, an _influential_ body of opinion
within the networking community, to the that by the time XTP had
expanded to the point where it attempted to negotiate endian-ness
(and endian-dependent checksums?  I forget) between transport
endpoints, that XTP had effectively failed as a lightweight,
hardware-friendly transport protocol.  YMMV, I'm sure Rob Warnock's
will.

The PEI documents on XTP v4 were hard to find for awhile after PEI
folded, but I think Mentat has the 4.0b spec available for free
download.

yes ... it reminds me somewhat of smartcards ... if you believe you
have the one and true answer ... but people aren't flocking to it ...
then add more features to make it more attractive (rather than KISS)
... since it is obviously only SMOP ... or maybe SMOE. however, the
issue of feature creep is a drift in different direction from the
drift about the problems that they were originally trying to address.

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

Cray to commercialize Red Storm

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Cray to commercialize Red Storm
Newsgroups: comp.arch
Date: Wed, 05 Nov 2003 15:12:35 GMT

rpw3@rpw3.org (Rob Warnock) writes:

Just to flesh out the history a bit: Greg Chesson at SGI had been
working on & promoting XTP for a number of years, and had been
advocating building hardware (ASIC) support for XTP (and protocol
acceleration generally). On the surface that sounded reasonable, since
just as the "Geometry Engine" had been SGI's key to high-performance
3-D graphics, it was thought that some sort of "Protocol Engine" might
do the same thing for high-performance networking.

and there was the XTP Technical Advisory Board that companies could
buy into for some modest tens of thousands per annum. I was rep from
one such company to the XTP/TAB for a couple years. I have possibly
two foot stack of paper somewhere in the basement from that period.

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

DASD history

From: Anne & Lynn Wheeler <lynn@garlic.com>
Date: Wed, 05 Nov 2003 08:57:38 -0700
Newsgroups: bit.listserv.vmesa-l
Subject: DASD history

on Tue, 4 Nov 2003 13:58:21 -0700 wrote:
>Does any one know of a web site that has the history of IBM mainframes disk
>drives (and reference information)?

some amount of the GPD (adstar, err, whatever) website material
disappeared about the time san jose became hitachi.

some misc. web. pages still around:
http://members.optushome.com.au/intaretro/2321DCD.htm
http://www.i-t-s.com/corporate/disk_drive_history.html
http://www.logicsmith.com/hdhistory.html
http://www.sdisw.com/dasd_capacity.html
http://www.columbia.edu/acis/history/2311.html
http://www.cnn.com/TECH/computing/9907/08/1971.idg/
http://www.columbia.edu/acis/history/datacell.html
http://mhhe.com/cit/uit3e/pages/chap6/profile6.html

past postings attempting to gather code-names:
http://www.garlic.com/~lynn/2001l.html#53 mainframe question
http://www.garlic.com/~lynn/2001l.html#57 mainframe question
http://www.garlic.com/~lynn/2001l.html#63 MVS History (all parts)
http://www.garlic.com/~lynn/2002.html#31 index searching
http://www.garlic.com/~lynn/2002o.html#3 PLX
http://www.garlic.com/~lynn/2003b.html#7 Disk drives as commodities. Was Re: Yamhill

--
Anne & Lynn Wheeler    http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

Cray to commercialize Red Storm

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Cray to commercialize Red Storm
Newsgroups: comp.arch
Date: Wed, 05 Nov 2003 20:13:04 GMT

jonathan@Pescadero.DSG.Stanford.EDU (Jonathan Stone) writes:

VMTP had a separate checksum for each 512-byte chunk of data sent,
with bitmasks in the header (which i beleive were covered by a
separate checksum, as you say) to indicate which 512-byte blocks of a
VMTP transaction (rpc) should be retransmitted. I thought the
checksums were in a header, but its been awhile.

VMTP ... published as rfc1045

from my rfc index:

1045 E
  VMTP: Versatile Message Transaction Protocol: Protocol
  specification, Cheriton D., 1988/02/01 (123pp) (.txt=264928)
  (VMTP)

Not so much that I remember VMTP number ... but it is one off from

1044 S
 Internet Protocol on Network System's HYPERchannel: Protocol
 specification, Hardwick K., Lekashman J., 1988/02/01 (43pp)
 (.txt=100836) (STD-45) (IP-HC)

which I had done a product implementation for. The base product was
getting about 44kbytes/sec thruput pretty much consuming a 3090
processor. The rfc1044 changes testing between 4341 and Cray (at Cray
Research) was getting 4341 channel media speed (mbyte/sec) using
extremely modest amount of 4341 (1mip) processor.

the rfc index entries can be found at
http://www.garlic.com/~lynn/rfcietff.htm
specific summary entries
http://www.garlic.com/~lynn/rfcidx3.htm#1044
http://www.garlic.com/~lynn/rfcidx3.htm#1045

select the ".txt=nnn" field retrieves the actual RFC.

any way other bits & pieces from long ago XTP/TAB meeting:

note that standard tcp requires minimum seven packet exchange

vmtp reduced that to minimum five packet exchange

xtp reduced it to a minimum three packet exchange

... not so much of an issue for large transfers .... but makes a
difference if you have a reliable protocol being used for short
transactions (as HTTP originally used TCP).

misc. past posts mentioning doing 1044 support:
http://www.garlic.com/~lynn/subnetwork.html#1044

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

When nerds were nerds

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: When nerds were nerds
Newsgroups: alt.folklore.computers
Date: Thu, 06 Nov 2003 14:30:33 GMT

"Kingbarry2000" writes:

In those days a hanging chad really meant something !
I started out on wiring 402 accounting machines.
They had accumulators and everything, as well as a bar hit printer.
Love those card sorters.

student keypunch room had 407 that was used mostly for doing 80x80
printouts of card programs. students that spent too much time in that
room ... eventually learned to reprogram the plug board.

i got a student summer job programming. the univ. had a 709 with a
1401 for UR<->tape front-end to the 709. That spring that they got a
360/30 somewhat as part of getting some 360 experience in
preparation for getting 360/67 for running tss/360.

the 1401 had a self-loading binary program that "MPIO" written on the
card deck ... and handled the UR<->tape frontend task for 709. My
student job was to replicate the function on 360/30. I was giving 360
principle of operations and various SRLs for 2400 tape, 1403 printer,
2540 reader/punch ... I got to invent multi-tasker, interrupt handlers,
memory allocation, device drivers, etc.

Nominally, the computing center shutdown from 8am sat. until 8am
monday morning (not only during the summer session, but during
standard school year also). I was given the key for the machine room
and allowed to work from 8am sat. until 8am monday with the whole
machine to myself.

One of the first things I learned was at the 8am turn-over on sat.  I
would clean everything ... including taking the 2540 reader/punch
apart ... empty the chad bin, clean the bruches, etc ... and then put
everything back together again.

The 360/67 eventually arrived replacing the 709 ... however it was
quite tramatic. TSS/360 wasn't ready yet ... so they ran os/360.
Student fortran jobs had taken a couple seconds (at most each) on the
tape<->tape under the 709 ibsys monitor. on release 7(?) ... a fortran
student job was taking nearly hundred times longer elapsed time;
effectively unit record speed ... plus really slow os/360 fortgclg
three step job.

My access to the machine room continued into the school year where I
got to play with os/360. Pulling a 48hr shift from 8am sat. to 8am
monday and then doing monday classes was little bit of challenge
(regularly going 60hrs with nothing but maybe 2-3 15 minute catnaps).

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

When nerds were nerds

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: When nerds were nerds
Newsgroups: alt.folklore.computers
Date: Thu, 06 Nov 2003 18:54:33 GMT

jmfbahciv writes:

That's a nice way to start a work stint.

Did you have an interpreter, too?  (I can't think of its name.)
Ours was grossly neglected; I used it occasionionally but didn't
like it at all.

when I first started in the summer .... i just would start using the
equipment ... but after several weeks, I quickly learned that it was
better to start out by first taking stuff apart and cleaning
everything and putting it back together.

the student keypunch room ... had 407, sorter (don't remember the
number), and an interpreter (also don't remember the number). I have
some vaque recollection about the interpreter could be cabled to
something else ... possibly directly to the 407. The interpreter
characters were too large to print one character per column ... to
interpret 80 col. card it needed two rows ... possibly 60(?) chars on
the top row and 20 chars on the 2nd row.

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

When nerds were nerds

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: When nerds were nerds
Newsgroups: alt.folklore.computers
Date: Thu, 06 Nov 2003 18:58:38 GMT

jmfbahciv writes:

I don't know how you did it.  I couldn't have at any age.

somewhat less sleep but easier than farm work .... i remember as a kid
during the summer ... sun coming up before 4am and not really getting
dark until after nine. you could pretty much plow from 4am to 9pm.
have supper around 10 or 11pm, a little sleep, a quick breakfast and
you are ready to go again.

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

IEN 45 and TCP checksum offload

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IEN 45 and TCP checksum offload
Newsgroups: comp.arch
Date: Thu, 06 Nov 2003 21:51:18 GMT

jbennett@umunhum.stanford.edu (James Edward Bennett) writes:

The word "frontend" in the first sentence refers to this kind of
configuration, where the frontend is a separate processor.  He also
discusses how to restore the end-to-end property in this type of
configuration, by sending the message back to the frontend, and
having it recheck the CRC.

remember arpanet predated tcp/ip. arpanet had IMPs (front end
processors) that handled a homogeneous networking environment. It
wasn't until you see IP being slipped in ... in place of the IMPs
... and the great cut-over to IP, 1/1/83. Big part of things prior to
1/1/83 was the HOST/IMP interface.

some disucssion of preparation for the conversion:
http://www.garlic.com/~lynn/2000.html#72 Difference between NCP and TCP/IP protocols
http://www.garlic.com/~lynn/2000.html#73 Difference between NCP and TCP/IP protocols

lots of other random past HOST, IMP, &/or NCP postings:
http://www.garlic.com/~lynn/99.html#37b Internet and/or ARPANET?
http://www.garlic.com/~lynn/99.html#39 Internet and/or ARPANET?
http://www.garlic.com/~lynn/99.html#44 Internet and/or ARPANET?
http://www.garlic.com/~lynn/2000.html#67 Difference between NCP and TCP/IP protocols
http://www.garlic.com/~lynn/2000.html#74 Difference between NCP and TCP/IP protocols
http://www.garlic.com/~lynn/2000b.html#4 "Mainframe" Usage
http://www.garlic.com/~lynn/2000d.html#54 NCP Help (re (D)ARPANET)
http://www.garlic.com/~lynn/2000d.html#67 Is Al Gore The Father of the Internet?^
http://www.garlic.com/~lynn/2001b.html#81 36-bit MIME types, PDP-10 FTP
http://www.garlic.com/~lynn/2001c.html#4 what makes a cpu fast
http://www.garlic.com/~lynn/2001e.html#53 Pre ARPAnet email?
http://www.garlic.com/~lynn/2001k.html#23 more old RFCs
http://www.garlic.com/~lynn/2001l.html#34 Processor Modes
http://www.garlic.com/~lynn/2001l.html#45 Processor Modes
http://www.garlic.com/~lynn/2001m.html#48 Author seeks help - net in 1981
http://www.garlic.com/~lynn/2001n.html#2 Author seeks help - net in 1981
http://www.garlic.com/~lynn/2001n.html#87 A new forum is up! Q: what means nntp
http://www.garlic.com/~lynn/2002.html#32 Buffer overflow
http://www.garlic.com/~lynn/2002b.html#56 Computer Naming Conventions
http://www.garlic.com/~lynn/2002b.html#58 ibm vnet : Computer Naming Conventions
http://www.garlic.com/~lynn/2002c.html#6 medium term future of the human race
http://www.garlic.com/~lynn/2002d.html#15 RFC Online Project
http://www.garlic.com/~lynn/2002e.html#39 Why Use *-* ?
http://www.garlic.com/~lynn/2002g.html#35 Why did OSI fail compared with TCP-IP?
http://www.garlic.com/~lynn/2002g.html#71 Coulda, Woulda, Shoudda moments?
http://www.garlic.com/~lynn/2002h.html#5 Coulda, Woulda, Shoudda moments?
http://www.garlic.com/~lynn/2002h.html#22 Why did OSI fail compared with TCP-IP?
http://www.garlic.com/~lynn/2002h.html#48 Why did OSI fail compared with TCP-IP?
http://www.garlic.com/~lynn/2002k.html#19 Vnet : Unbelievable
http://www.garlic.com/~lynn/2003c.html#42 diffence between itanium and alpha
http://www.garlic.com/~lynn/2003c.html#46 diffence between itanium and alpha
http://www.garlic.com/~lynn/2003c.html#47 diffence between itanium and alpha
http://www.garlic.com/~lynn/2003d.html#13 COMTEN- IBM networking boxes
http://www.garlic.com/~lynn/2003d.html#59 unix
http://www.garlic.com/~lynn/2003d.html#60 Bitnet again was: unix
http://www.garlic.com/~lynn/2003d.html#62 ARPAnet again: Bitnet again was: unix
http://www.garlic.com/~lynn/2003g.html#18 Multiple layers of virtual address translation
http://www.garlic.com/~lynn/2003h.html#17 Why did TCP become popular ?

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

hung/zombie users ... long boring, wandering story

From: Anne & Lynn Wheeler <lynn@garlic.com>
Date: Sat, 08 Nov 2003 13:41:20 -0700
Newsgroups: bit.listserv.vmesa-l
Subject: hung/zombie users ... long boring, wandering story

At the science center
http://www.garlic.com/~lynn/subtopic.html#545tech
... charlie was working on multiprocessing & fine grain SMP
locking (multiprocessing support at the time tended to have a single
global kernel/supervisor lock that the processor would spin on when
interrupt routine was entered). One of the well known results was the
compare&swap instruction (CAS are charlie's initials and
one of the requirements for compare&swap was a mnemonic
that were his initials ... which was later corrupted when the actual
instruction was expanded to CS and CDS).

As part of the work on fine grain locking and multiprocessing support
... charlie had to restructure some of the kernel facilities ... one
such was the serialization function.

Earlier as an undergraduate ... i had done all this performance work,
pathlength stuff, dynamic adaptive scheduling, fair share, page
replacement algorithm, page i/o rewrite, etc... but also had done
something called pageable kernel ... where i created a dummy/system
user with a dummy virtual address space that was mapped to the
kernel. The kernel was carefully built so routines that were to be part
of the pageable kernel area .... were carefully broken into no larger
than 4k and no module crossed a physical 4k boundary ... and all of the
pageable routines were located at the end of the kernel. At boot/ipl
... startup would unpin all the kernel storage above a certain real
address ... and allow it to page in/out. This code never shipped in
cp/67 product.

However, as part of charlie's rewrite of the cp/67 serialization
function ... he also cleaned up some number of zombie process
situations. When getting rid of a process ... the procedure had been
if there was any ongoing asynchronous activity (evidenced by some
control block), the force of the process would be delayed until the
activity finished (so there was no dangling activity/references left
around after the process was totally gone ... which would typically
crash the kernel). Charlie rewrote all that ... so that all sorts of
asynchronous activity was re-assigned to the "system" user ... various
things patched up ... the process was gone ... and any hanging
activity would be associated with the system process which never goes
away. The side effect of all this work (starting out to restructure
the kernel serialization process for multiprocessing) eliminated lots
of system crashes and most known instances of zombie/hung processes.

Along the way .. i started keeping up all the mp modifications for
the routines that i was heavily working with & modifying (paging,
scheduling, dispatching, etc). Unrelated to MP stuff, I also did
restructure of cms and cp to add support for paged mapped filesystem
... and some restructing of shared memory across processes ... a
package of stuff I write a report on called Virtual Memory Management.

In the mean time ... the development group goes off and starts work on
VM/370 .... which retains much of the existing CMS structure ... but
significantly redesigns and rewrites much of the CP kernel. In that
process ... almost all of the scheduling and resource management stuff
(some of which had already shipped in CP/67) I did was dropped.

Eventually, the science center replaces the aging 360/67
multiprocessor with a uniprocessor 370/155 and we start porting lots
of the stuff dropped in the cp/67->vm/370 rewrite to the vm/370
kernel. Much of this was accomplished by the early release 2 vm/370
time-frame ... and besides running at the science center was being
installed at a number of internal locations. One major installation
were the HONE centers (supported all the field, branch, sales,
marketing, etc people around the world)
http://www.garlic.com/~lynn/subtopic.html#hone
http://www.garlic.com/~lynn/submain.html#timeshare

HONE applications were heavily APL based ... but periodically required
some performance assist from applications written in Fortran. At that
time, the only way to get shared pages/segments was via the "IPL"
command and definitions sembled in the SNT kernel routine. APL was
extremely large amount of code & workspaces ... that needed to be
mapped into shared memory for efficiency. However the IPL requirement
made it extremely difficult to transition from an IPL'ed CMS+APL
infrastructure to a CMS+fortran infrastructure (and back). Part of the
release two "VMM" changes was the page mapped file system, additional
CMS routines restructured to reside in shared pages, support for
allowing shared pages to be defined as part of loading an executable
from a page mapped file system. This allowed HONE to easily transition
back and forth between APL and Fortran applications in a shared
segment environment (as easily as a non-shared environment).
http://www.garlic.com/~lynn/submain.html#mmap
http://www.garlic.com/~lynn/submain.html#adcon

Along the way, there was extensive performance profiling work going on
at the science center (somewhat the inception of capacity planning) as
well as extensive performance testing and benchmarking. As part of the
performance profiling, tes