[ih] what is and isn't the web, was Rise and Fall of the Gopher Protocol

[John Day]

Depending on how you look at it, neither did the web. Thinking of the lack of security in http, either assumes the same management or no management.  If it was expected to work with multiple management domains one would expect at least authentication and access control.

All the talk that Internet didn’t consider security is kind of true, but the ARPANET did, at least to the degree machines were able, which wasn’t much in those days.  The Multics guys especially were always bringing it up. The application protocols required authentication, e.g. login.* There was a lot of discussion around mail requiring anonymous login. And Multics added an access control method for mail: append. Rather than give the mail program write access. (Mailboxes were files instead of directories.)

Take care,
John

*Telnet doesn’t because telnet is a device-driver, not a service to log into. But the service commonly built with Telnet does.
> 
>> Tim made a very strong argument that a system with bidirectional links
>> and consistency checks was undeployable at large scale, and of course
>> he was right.
> 
> As far as I can tell, none of the previous hypertext designs seriously
> thought about a system where everything wasn't more or less under the
> same management.
> 
> R's,
> John
> _______
> internet-history mailing list
> internet-history at postel.org
> http://mailman.postel.org/mailman/listinfo/internet-history
> Contact list-owner at postel.org for assistance.