From owner-freebsd-chat Sat Oct 4 20:33:45 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id UAA22252 for chat-outgoing; Sat, 4 Oct 1997 20:33:45 -0700 (PDT) Received: from obie.softweyr.ml.org ([199.104.124.49]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id UAA22243 for ; Sat, 4 Oct 1997 20:33:39 -0700 (PDT) Received: (from wes@localhost) by obie.softweyr.ml.org (8.7.5/8.6.12) id VAA07197; Sat, 4 Oct 1997 21:38:03 -0600 (MDT) Date: Sat, 4 Oct 1997 21:38:03 -0600 (MDT) Message-Id: <199710050338.VAA07197@obie.softweyr.ml.org> From: Wes Peters To: Mike Smith CC: chat@freebsd.org Subject: Re: Microsoft brainrot (was: r-cmds and DNS and /etc/host.conf) In-Reply-To: <199709301309.WAA00520@word.smith.net.au> References: <199709301226.OAA22862@bitbox.follo.net> <199709301309.WAA00520@word.smith.net.au> Sender: owner-freebsd-chat@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Mike Smith writes: > > > > I'd much rather send my root password (over SSL) - that way, I can at > > least use S/Key. > > What's the smallest available secure HTTP server you know of? Anyone? Mine. (Soon to be secure.) The current FreeBSD version, written as several C++ classes, weighs in at about 8K of code (minus the libraries, of course). I'd guess that by the time I get secure mode added, it will be in the 20 - 24 K range. Is that reasonable? BTW, I've never written for SSL before, and don't even have it installed on this machine. So take everything I said with a largish grain of salt, right? ;^) > > However, if we're going to use Java anyway, there are lots of crypto > > we could use - but will this be the easiest way of implementing the > > interface? > > IMHO Java may be a lose, unless we can come up with a 'legacy' > interface for the terminal addicts and people with non-Java browsers. I agree; I was thinking more of sticking to forms, and ones supported by Lynx at that. I haven't researched Lynx enough lately, so I'll have to go take a look. Fortunately, one of the groups that is maintaining Lynx is located about a half mile from where I work, and I used to teach there. I can probably find out pretty quickly. ;^) As far as this high-flying Java/JavaScript/Tcl/etc discussion: at Dayna, we purposefully chose to do our interface to be visually interesting and to push the edge of technology. We have active database-linked HTML, server side includes, server push, Java applets, JavaScript, and compiled-in CGIs in our user interface. THIS WAS NOT AN EASY SOLUTION TO THE PROBLEM! As I said before, we had several full time engineers, a full time experienced webmaster, and two dedicated graphical artists spend MONTHS on this. And this user interface is much smaller, perhaps two orders of magnitude smaller, than FreeBSD would require. GIVE IT UP, THIS JUST ISN'T GOING TO HAPPEN! My idea was to keep the user interface, at least for ANY sort of browser tool, pretty simple. It is a straightforward task to product a server that can fill in and rewrite named variables in a database, text file, or whatever; the HTML source file can fill in whatever instructions and/or explanatory text needs to be added to instruct the user on the significance of this variable. Picture this as a sort of on-line rc.conf with the HTML containing the "comments" and the forms part containing the "variables." You can, of course, do some pretty complex things on the server side also, since you have the ability to exec any command on the system by writing a compiled-in CGI, but that really impacts the extensability and maintainability of the project. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC http://www.xmission.com/~softweyr softweyr@xmission.com