Unigroup's January 2001 Meeting Announcement

Security Protocols and Technologies

Jeffrey Altman, Sr. Software Designer,
The Kermit Project at Columbia University

Thursday, January 18, 2001

The Chase Manhattan Bank
55 Water Street, South Tower
13th Floor Conference Room C

6:15 - 6:30 PM Registration
6:30 - 6:40 PM Ask the Wizard - Questions, Answers and Current Events
6:40 - 6:50 PM Unigroup Business
6:50 - 9:30 PM Main Presentation


Happy New Year to all!

Those of you who have been using computers for over 15 years should remember the "good old days" of file transfer which depended on serial cabling, modems and a small handful of communications protocols which could be used to transfer data between machines.

Unix shipped with UUCP (at least from v7) which allowed reliable remote command execution and file transfer. BSD variants of Unix eventually shipped with TCP/IP networking (foundation for the modern Internet). VAXs were running VMS and DECNet, but not UUCP or TCP/IP. And for DOS, those 360k floppies didn't allow for many options.

Before the wide-spread use of TCP/IP networking, one common way of sending files across different platforms was to use Kermit. Kermit's roots go back to Columbia University in 1981. It is both a communications protocol and file transfer program. Over the years it has been ported to just about every machine and operating system you can think of. Certain versions also come with extensive terminal emulation capabilities and have an advanced scripting language built in.

Modern Kermit versions support TCP/IP networking (among others) and can be used as a server for both serial and Internet communications. The freely available C-Kermit 7.x (which runs on many operating systems) and Kermit 95 (commercial product for win32) support Secure Telnet and FTP using Internet standard protocols for Authentication and Encryption such as Kerberos, SRP, and SSL/TLS.

Unigroup's January 2001 meeting will address the usage of Internet Security Protocols and Technologies from a development and implementation point of view.

Web Resources:
 1. The Kermit Project               http://www.kermit-project.org
 2. C-Kermit Home                    http://www.kermit-project.org/ckermit.html
 3. C-Kermit 7.1 Alpha               http://www.kermit-project.org/ck71.html
 4. Kermit Security Features         http://www.kermit-project.org/security71.html
 5. Internet Kermit Service          http://www.kermit-project.org/cuiksd.html
 6. Kermit Standards Reference Page  http://www.kermit-project.org/standards.html
 7. Kermit 95  (win32, commercial)   http://www.kermit-project.org/k95
 8. G-Kermit                         http://www.kermit-project.org/gkermit.html
 9. MIT Kerberos                     http://web.mit.edu/kerberos/www
10. Secure Remote Password           http://www-cs-students.stanford.edu/~tjw/srp
11. OpenSSL                          http://www.openssl.org
12. IETF                             http://www.ietf.org


Caldera has donated three "cartons" of Caldera OpenLinux 2.3 for giveaways at Unigroup meetings. These are full, boxed distributions (3 CDs + Manuals). OpenLinux is a leading commercially supported Linux Operating System! Unigroup will be giving these distributions out (raffling them off) as door prizes at upcoming meetings. Unigroup appreciates Caldera's continued support!

Description of Talk:

Jeffrey Altman, one of the primary authors of Kermit software from Columbia University's Kermit Project and an active participant in the Internet Engineering Task Force (IETF), will present a talk on the incorporation of security protocols and algorithms into an age old communications product. Kermit is traditionally thought of as a serial modem communications. However, it has been used as a telnet client since the mid-80s and other protocols have been integrated since. As the use of the Internet became increasingly popular, the need to protect data transmissions increased as well.

The Kermit Project has worked with other Universities and organizations such as the IETF to design and implement methods for authenticating and protecting the communication sessions in Telnet, Rlogin and FTP. The mechanisms implemented within Kermit include Kerberos 4 and 5; Secure Remote Password protocol; and SSL/TLS (X.509 certificates). This talk will focus on the capabilities of Kermit; the design of the Internet Kermit Service ; and how and why we decided to implement that security methods we chose. The talk will provide an overview of how the security methods work including their strengths and weaknesses.

Speaker Biography:

Jeffrey Altman is the Sr. Software Designer for Columbia University's Kermit Project and Chief Technology Officer for IAM Training and Consulting. He is currently the chairperson of the IETF Telnet Security working group and has edited close to two dozen Internet Drafts and RFCs. He is also a member of MIT's Kerberos development group and actively contributes to the OpenSSL open source development project and the Secure Remote Password (SRP) development effort.

Project Biography:

The Kermit Project has been the central organization behind the development of the Kermit file transfer protocol and the cross platform suite of applications which have been built around the protocol. The flagship implementation, C-Kermit , has been ported to more than 900 variations of Operating System and hardware. It is secure; can be used as a client and a server; supports numerous networking protocols; and sports a high powered scripting language designed specifically for managing data communications.

Post Meeting Notes: Jeff has made his presentation available here. For the best viewing and printing, be sure to click the button up top which expands the text index into the full list of bullet items. Thanks again Jeff!

Complimentary Refreshments and Food will be served.
This now includes salads and sandwiches (eg. turkey, roast beef, chicken, tuna)!

Please join us for this meeting, you won't want to miss it!

[Unigroup Home]