From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from tb-mx0.topicbox.com (localhost.local [127.0.0.1]) by tb-mx0.topicbox.com (Postfix) with ESMTP id 41584136E2A1 for <9fans@9fans.net>; Mon, 13 Jan 2020 04:34:07 -0500 (EST) (envelope-from miller@hamnavoe.com) Received: from tb-mx0.topicbox.com (localhost [127.0.0.1]) by tb-mx0.topicbox.com (Authentication Milter) with ESMTP id 7E0DFEBD1D0; Mon, 13 Jan 2020 04:34:07 -0500 ARC-Seal: i=1; a=rsa-sha256; cv=none; d=topicbox.com; s=arcseal; t= 1578908047; b=BmYGWR6VGFqGtW9JoXCTJHkUj7eEYtrL+E/YAIf2qsc75WDebE EQ8NfPFYgXIWkTm89iWp9Jwb0U6lsLYVOFMI8ICS3Cs6GWw/CX/L1tgi2jEOJD3L E3b5MYrtTAyUztRCkJ20TkiVZK9K6ApTh7h6rn0wEdONbMtOFIOZWOd3lCEneZ+8 JndvcQN2j+9X2ATDfvQWvdhvDLBeU8DnVxcgaQQxmGRIaQkjYGRwOsfxpMrDh+gx OvNA60AkW3qdR/GKRd9B35z9B87qVig89UK3OVTXkmXCorqcsY6Dkbg59sPgn4Ao IjiYjt3gf97kWhZkiMnQgZmuzHUjBlhxb55Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d= topicbox.com; h=message-id:to:subject:from:date:in-reply-to :mime-version:content-type:content-transfer-encoding; s=arcseal; t=1578908047; bh=0Jw1kEVGGZjIAiZi67a5yIVULalt2Epd1ezviorDjG8=; b= p+6k5WcbRHWhIXmgzMbu7PrJJHTIiWuPnDknT//YZ3qoSDlmqKulOqSvTvza3TrT XMpVOvqictCccDXDkd8MYooA3MMAEprhgoUfXVt1I6XpfhJN6C1lOMeA2SbHrq71 dLCXDj8YFBQq+I2CKEHQcMutDlWVt9E7Z/wwwZ67Ok+HTc89Mu4bRdkQWR+AD60r Uu8bjSmYidQ9Zk/h+v4aezc229qs0lAVKx6CuPzRkWqFvRuJE9lIt7fwTRT+jaD5 2QB5VDjONnjwKt8HgIZw7zq3X9aAbmb5R1u6lu5B8IunVKXyY9nwGePDgX9Bvtyx ZVBHAksI5LFX1el1JpXCDA== ARC-Authentication-Results: i=1; tb-mx0.topicbox.com; arc=none (no signatures found); dkim=none (no signatures found); dmarc=none policy.published-domain-policy=none policy.applied-disposition=none policy.evaluated-disposition=none (p=none,d=none,d.eval=none) policy.policy-from=p header.from=hamnavoe.com; iprev=pass smtp.remote-ip=46.235.227.24 (balrog.mythic-beasts.com); spf=pass smtp.mailfrom=miller@hamnavoe.com smtp.helo=balrog.mythic-beasts.com; x-aligned-from=domain_pass (Domain match); x-ptr=pass smtp.helo=balrog.mythic-beasts.com policy.ptr=balrog.mythic-beasts.com; x-return-mx=pass header.domain=hamnavoe.com policy.is_org=yes (MX Record found); x-return-mx=pass smtp.domain=hamnavoe.com policy.is_org=yes (MX Record found); x-tls=pass smtp.version=TLSv1.2 smtp.cipher=ECDHE-RSA-AES256-GCM-SHA384 smtp.bits=256/256; x-vs=clean score=0 state=0 Authentication-Results: tb-mx0.topicbox.com; arc=none (no signatures found); dkim=none (no signatures found); dmarc=none policy.published-domain-policy=none policy.applied-disposition=none policy.evaluated-disposition=none (p=none,d=none,d.eval=none) policy.policy-from=p header.from=hamnavoe.com; iprev=pass smtp.remote-ip=46.235.227.24 (balrog.mythic-beasts.com); spf=pass smtp.mailfrom=miller@hamnavoe.com smtp.helo=balrog.mythic-beasts.com; x-aligned-from=domain_pass (Domain match); x-ptr=pass smtp.helo=balrog.mythic-beasts.com policy.ptr=balrog.mythic-beasts.com; x-return-mx=pass header.domain=hamnavoe.com policy.is_org=yes (MX Record found); x-return-mx=pass smtp.domain=hamnavoe.com policy.is_org=yes (MX Record found); x-tls=pass smtp.version=TLSv1.2 smtp.cipher=ECDHE-RSA-AES256-GCM-SHA384 smtp.bits=256/256; x-vs=clean score=0 state=0 X-ME-VSCause: gggruggvucftvghtrhhoucdtuddrgedufedrvdejtddgtdehucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggvpdfu rfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucenucfjughrpefkvffuhf ffjgggtgfgsehtkehjtddttdejnecuhfhrohhmpeftihgthhgrrhguucfoihhllhgvrhcu oeelfhgrnhhssehhrghmnhgrvhhovgdrtghomheqnecukfhppeegiedrvdefhedrvddvje drvdegpdekkedrleejrddvjedrkeefnecurfgrrhgrmhepihhnvghtpeegiedrvdefhedr vddvjedrvdegpdhhvghlohepsggrlhhrohhgrdhmhihthhhitgdqsggvrghsthhsrdgtoh hmpdhmrghilhhfrhhomhepoehmihhllhgvrheshhgrmhhnrghvohgvrdgtohhmqecuuffk kgfgpedvledvfeenucevlhhushhtvghrufhiiigvpedt X-ME-VSCategory: clean Received-SPF: pass (hamnavoe.com: Sender is authorized to use 'miller@hamnavoe.com' in 'mfrom' identity (mechanism 'include:_spf.mythic-beasts.com' matched)) receiver=tb-mx0.topicbox.com; identity=mailfrom; envelope-from="miller@hamnavoe.com"; helo=balrog.mythic-beasts.com; client-ip=46.235.227.24 Received: from balrog.mythic-beasts.com (balrog.mythic-beasts.com [46.235.227.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by tb-mx0.topicbox.com (Postfix) with ESMTPS for <9fans@9fans.net>; Mon, 13 Jan 2020 04:34:06 -0500 (EST) (envelope-from miller@hamnavoe.com) Received: from [88.97.27.83] (port=37242 helo=zen.hamnavoe.com) by balrog.mythic-beasts.com with esmtpsa (TLS1.0:RSA_3DES_EDE_CBC_SHA1:192) (Exim 4.92.3) (envelope-from ) id 1iqw6j-0003xt-BJ for 9fans@9fans.net; Mon, 13 Jan 2020 09:34:05 +0000 Message-ID: <15eec2039882779ed0ee76b991ee8678@hamnavoe.com> To: 9fans@9fans.net Subject: Re: [9fans] notes on fossil, ANTS, and 9front/Bell labs controversies From: Richard Miller <9fans@hamnavoe.com> Date: Mon, 13 Jan 2020 09:33:59 +0000 In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8bit X-BlackCat-Spam-Score: 1 X-Spam-Status: No, score=0.2 Topicbox-Policy-Reasoning: allow: sender is a member Topicbox-Message-UUID: dae489d0-35e7-11ea-b2ff-ce857b8d2f15 steve@quintile.net: > the issue is 9boot would need tls to be able download the kernel from a > file server and it doesn’t have it. this is the labs boot procedure of > course. > > 9front booting uses a full kernel to bootstrap (correct me if i am wrong) > so tls is not a problem there. There isn't a single "labs boot procedure". Any 4th edition Plan 9 system can use the kernel to load another kernel, with whatever embellishments you care to dream up. That's what /dev/reboot is for. If you want to boot over the network mediated by tls, you need a bit of local storage to hold a (stripped down if you like) first-stage kernel and a few commands (which may be embedded in the in-kernel /boot filesystem). That kernel can run a small rc script to do this: srv -e 'tlsclient tcp!$fs!777' reboot /n/reboot reboot /n/reboot/path/to/next/kernel On the server you need a corresponding /bin/service/tcp777 with #!/bin/rc /bin/tlssrv -c /path/to/cert.pem -l listen /bin/aux/trampoline -9 tcp!127.1!564 No exotic extra facilities needed: tlssrv and tlsclient were introduced with 4th edition Plan 9 in 2002.