Subject: Re: Looking for NetBSD kernel programmer...
To: Wojciech Puchar <wojtek@chylonia.3miasto.net>
From: Feico Dillema <feico@pasta.cs.uit.no>
List: tech-kern
Date: 02/28/2002 17:35:51
On Thu, Feb 28, 2002 at 03:59:59PM +0100, Wojciech Puchar wrote:
> sounds like marketing noise.

Didn't want to waste too much bandwidth for the initial email. It is
hard not to sound like marketing noise with any one-liner.

> i can understand "safety" as special organization, maybe duplication
> of metadata etc...
Our base design is a distributed storage system called Pesto, which can be
regarded as a base layer on top of which a complete filesystem can be
implemented (the base storage system does not implement a file name space
e.g.). One of our main objectives is to reduce overall system complexity,
and have a common layer that implements basic security mechanisms
(crypto, logging) and safety mechanisms (replication, logging).

Safety in our context then means adding the ability to withstand
faults (fault tolerance) and ---for situations where this may be
impossible, like violations of trust--- adding the ability to recover
(including being able to produce evidence of what went wrong and how,
in order to be able to pursue recovery in the real-world, e.g. in a
court of law).

> but what is "mobility"?
With support for `mobility' we mean that the base system should work
efficiently on resource poor machines like PDAs and even (modern)
smartcards. More importantly, we treat mobile nodes as first-class
citizens in the system (as opposed to e.g. Coda). Also, we
support disconnected, semi-disconnected operation by separating
replication (distribution of updates) and consistency control, and by
separating the acquisition of authorization and its actual use.
Other features e.g. allow delegation and offline delegation of
both (and separate) access to storage resources and access to content
further strengthening the usefulness of resource poor devices in the
system as a whole.

> and "security"? it depends on what user/group/access right you set for
> files&dirs, possibly ACL's, but what really special do you invent.
Security is about being able to enforce your security policy. A secure
system in practice is one that makes it easy to state and manage your
policies and to enforce them. Or, in other words, a system that makes
it difficult for your security policies to be violated. So, it is a
management problem that can be simplified using well-known security
mechanisms like encryption.

We basically use a special, but simple, cryptographic scheme to simplify
management of a user's security policies. It allows a user to worry
about his policies, without having to worry about the mechanisms
that enforce them.

> if something really special put its description publicly. if not,
There's a short work-in-progress paper on-line here:
http://dsonline.computer.org/0107/features/dil0107.htm

Two papers have been submitted for publication (one on overall design,
the other on its security aspects in particular), and hence will be
made public at some point in time, but are available on request only
for now.

> better do implementation to another more popular OS like windows.
We hope, in time, to make a variety of different implementations.
However, normally, in our academic setting we have no manpower to
build more than research proof-of-concept prototypes with limited
usability.  However, instead of only producing publishable papers we
also like to produce publishable and usable code.  I do not find it
so strange that we chose our first such implementation on the best
quality code-base available, i.e. NetBSD. I am working on a PhD, not a
popularity contest.

Apologies for continuing off-topic, but I felt somewhat provoked. I
will not let myself be provoked into further off-topic postings on
this list. To those that have replied to me already in private:
Thanks for your interest! I will send you more technical and
administrative details by email tomorrow.

Thank you,

Feico.