Subject: Re: Looking for NetBSD kernel programmer...
To: Feico Dillema <>
From: Wojciech Puchar <>
List: tech-kern
Date: 02/28/2002 18:48:10
> On Thu, Feb 28, 2002 at 03:59:59PM +0100, Wojciech Puchar wrote:
> > sounds like marketing noise.
> Didn't want to waste to much bandwidth for the initial email. It is
> hard not to sound like marketing noise with any one-liner.

possibly. you could point to url....

> > i can understand "safety" as special organization, maybe duplication
> > of metadata etc...
> Our base design is a distributed storage system called Pesto, which can be
> regarded as a base layer on top of which a complete filesystem can be
> implemented (the base storage system does not implement a file name space
> e.g.). One of our main objectives is to reduce overall system complexity,
> and have a common layer that implements basic security mechanisms
> (crypto, logging) and safety mechanisms (replication, logging).

not sounds clearer and nice. is it something like LVM+encryption?

> Safety in our context then means adding the ability to withstand
> faults (fault tolerance) and ---for situations where this may be
> impossible, like violations of trust--- adding the ability to recover
> (including being able to produce evidence of what went wrong and how,
> in order to be able to persue recovery in the real-world, e.g. in a
> court of law).

i cannot imagine how you want to make 100% sure you will produce evidence
of what went wrong. if someone will gain too much access (violation of
trust) - for example able to write to device, he/she will be able to write
anything and cheat anything.

> > but what is "mobility"?
> With support for `mobility' we mean that the base system should work
> efficiently on resource poor machines like PDAs and even (modern)

now sounds clearer and nice. couldn't you say "low memory/cpu
requirements" at start?

> > and "security"? it depends of what user/group/access right you set for
> > files&dirs, possibly ACL's, but what really special you invent.
> Security is about being able to enforce your security policy. A secure
> system in practice is one that makes it easy to state and manage your
> policies and to enforce them. Or, in other words, a system that makes
> it difficult for your security policies to be violated. So, it is a
> management problem that can be simplified using well-known security
> mechanisms like encryption.
> We basically a special, but simple, cryptographic scheme to simplify
> management of a user's security policies. It allows a user to worry
> about his policies, without having to worry about the mechanisms
> that enforce them.
> > if something really special put it's description publically. if not,
> There's a short work-in-progress paper on-line here:

NICE... will read it tomorrow... why didn't you URLed at first mail :)

> We hope, in time, to make a variety of different implementations.
> However, normally, in our academic setting we have no man-power to
> Apologies for continuing off-topic, but I felt somewhat provoked. I

thank you for answering. first mail sounded like marketdroid noise - now
it sounds really interesting!