Message-Id: <v03000119aad2be9d5757@[128.102.17.23]>
Date: Tue, 25 Oct 1994 07:29:09 -0700
To: paf@nada.kth.se (Patrik Faltstrom)
From: dcrocker@mordor.stanford.edu (Dave Crocker)
Subject: Re: Port for URN->URC resolution
At 11:28 PM 10/24/94, Patrik Faltstrom wrote:
>True, but I do want on my computer that a service like this is running
>on a secure port even though it is not as secure as the word "secure port"
>implies.
Patrik,
While it seems entirely appropriate to assign a Well Known Port number for
this use, I'd like to underscore the concern for calling it 'secure'. it
isn't secure.
This does not mean that 'the security isn't very good'. It means there is
no security at all. The difference is important and therefore it is
essential that a discussion like this not use the 'S' word at all.
d/
ps. Just to be fair: If your entire network ( or at least the relevant
subnetwork) has ONLY time-sharing machines which in fact restrict access to
ports below 1000, AND ALL of those machines are administered in a full and
formal fashion restricting access to privileged ports AND ALL of those
machines are under lock and key AND ALL of the subnetwork wires are under
lock and key, THEN MAYBE those ports may be called secure...
--------------------
Dave Crocker
Brandenburg Consulting Phone: +1 408 246 8253
675 Spruce Dr. Fax: +1 408 249 6205
Sunnyvale, CA 94086 Email: dcrocker@mordor.stanford.edu