[Info-vax] How would you load balance excess webserver traffic between multiple OpenVMS servers?

Dave Froble davef at tsoft-inc.com
Tue Jan 12 20:02:37 EST 2021 

On 1/12/2021 3:55 PM, ultr... at gmail.com wrote:
> On Tuesday, January 12, 2021 at 2:39:41 PM UTC-5, Stephen Hoffman wrote:
>> On 2021-01-12 18:58:47 +0000, Simon Clubley said:
>>
>>> On 2021-01-12, Arne Vajhøj <ar... at vajhoej.dk> wrote:
>>>> On 1/12/2021 1:18 PM, ultr... at gmail.com wrote:
>>>>> so basically you are stating that the "OpenVMS is most secure OS on the
>>>>> planet" sales pitch bellowed by DEC and not so much HP marketing over
>>>>> the years was just an oxymoron?
>> Counter-productive is among the most charitable of interpretations for
>> that marketing shart.
>>>> But applying 2021 standards to software from the 1980's is silly.
>> Applying knowledge of pre-millennial security and risks and defenses
>> and tooling to 2021-era environment is also silly.
>>> Unfortunately, that is exactly what VSI are doing when making the above
>>> statement.
>> Worse.
>>
>> But then Bob's heard all this before.
>>
>> Write an OpenVMS app with modern security. Try it. Seriously. Go try
>> it. Try a simple secure app-to-app network connection. Write a client
>> and server using a TLSv1.3 connection with full client and server
>> certificate verification and with a certificate revocation check, with
>> encrypted storage data, and with a secure password and secure private
>> key store, and with compatibility with commercial certificate vendors,
>> and call me back. This is one of the most basic operations for an app
>> developer writing a distributed app in 2021. And it's fundamental for
>> that "maybe" app server that's been referenced here. Can OpenVMS be
>> used here? Sure. Can all of this stuff be implemented? Absolutely. Is
>> the source code involved here complex and bug-prone and poorly
>> documented? Yes. Are these tasks easier with higher-level frameworks
>> available elsewhere? Of course.
>> --
>> Pure Personal Opinion | HoffmanLabs LLC
>
> no thanks I would rather pay Process to modify decnet over IP to run in an SSH tunnel.
>

That doesn't even begin to address all the issues.

First, there is no absolute security, just trying to stay ahead of the 
opposition.

Nothing special about DECnet, nor anything really bad about TCP/IP. 
Both work.  Both have issues.  The key thing is being able to talk to 
most of the world.  DECnet has some nice pieces.  But it's not practical 
for non-VMS work, it currently does not support any encryption, and 
there is no valid reason to re-invent any wheels.

-- 
David Froble                       Tel: 724-529-0450
Dave Froble Enterprises, Inc.      E-Mail: davef at tsoft-inc.com
DFE Ultralights, Inc.
170 Grimplin Road
Vanderbilt, PA  15486

More information about the Info-vax mailing list