Carlos Guzmán Álvarez wrote:

>Hello:
>
>
>
>>The goal of this proposal is to twofold. First, it is a compatible
>>extension to the remote protocol to handle the problems of encryption
>>and (if desired) data compression. Second, it is a reformulation of the
>>remote implementation architecture to simplify and support future growth.
>>
>>
>>
>Just a minor question, If this is for the remote protocol
>why not use SSL/TLS ??
>
>
>

A network "port" object for ssl could be created in the existing remote
implementation architecture, though a little research might be necessary
to handle the auxiliary sockets for events, but it wouldn't handle
backwards compatibilities. It also is encumbered with certificate
baggage and doesn't address the data compression issue. It also could
have been done any time over the last decade is somebody really wanted it.

I would guess the amount of work would be about the same, though getting
rid of xdr has some side benefits. Personally, I general favor a
lightweight solution under our own control that directly addresses the
problem at hand, leveraging existing mechanisms.

Bottom line, SSL is a viable alternative as long as somebody else wants
to write the code.


[Non-text portions of this message have been removed]