[Info-vax] How would you load balance excess webserver traffic between multiple OpenVMS servers?
Stephen Hoffman
seaohveh at hoffmanlabs.invalid
Wed Jan 13 10:24:53 EST 2021
On 2021-01-13 14:55:35 +0000, Arne Vajh��j said:
> On 1/12/2021 2:39 PM, Stephen Hoffman wrote:
>> Write an OpenVMS app with modern security. Try it. Seriously. Go try
>> it. Try a simple secure app-to-app network connection. Write a client
>> and server using a TLSv1.3 connection with full client and server
>> certificate verification and with a certificate revocation check, with
>> encrypted storage data, and with a secure password and secure private
>> key store, and with compatibility with commercial certificate vendors,
>> and call me back. This is one of the most basic operations for an app
>> developer writing a distributed app in 2021. And it's fundamental for
>> that "maybe" app server that's been referenced here. Can OpenVMS be
>> used here? Sure. Can all of this stuff be implemented? Absolutely. Is
>> the source code involved here complex and bug-prone and poorly
>> documented? Yes. Are these tasks easier with higher-level frameworks
>> available elsewhere? Of course.
>
> No argument that VMS is behind regarding tools and libraries.
>
> But it is not obvious to me that the stated goal requires:
> * TLS 1.3 and not just 1.2+
> * client side certificate verification and not just server side certificate
TLSv1.3 is current TLS, and is available within the current OpenVMS TLS kit.
Projects I've worked seek to verify both client and server identities.
Might I have accepted TLSv1.2 or later? Maybe. That makes this example
a little more involved.
Go try it, and call me back, and tell me what you think about the
development effort involved.
--
Pure Personal Opinion | HoffmanLabs LLC
More information about the Info-vax
mailing list