📄 rfc874.txt
字号:
give rise to the interesting observation that DCE's seem to need
a protocol as strong as TCP amongst themselves, but doesn't
strike the author as particularly convincing evidence for viewing
X.25 as anything like a proper H-FP--if for no other reason than
that a central premise of Outboard Processing is that the
Host-side H-FP module must be compact relative to an inboard
generic Network Control Program.)
X.25, then, is rather schizophrenic: It exceeds its brief
as an interface protocol by pretending to be end-to-end
(Host-Host) in some respects; it is by no means a full end-to-end
protocol (its spec very properly insists on that point on several
occasions); it's at once too full and too shallow to be a good
interface; and it's poorly structured to be treated as if it were
"just" an H-FP. (Some would phrase the foregoing as "It's
extremely ill layered"; we wouldn't argue.)
A Note on "Gateways"*
Although it was at least implied in the discussion of
conceptual model problems, one aspect of X.25/X.75 internetting
is sufficiently significant to deserve a section of its own: Not
only does the link-by-link approach taken by CCITT make it
unlikely that alternate routing can take place, but it is also
the case that ARPANET Internet Protocol (IP) based internetting
not only permits alternate routing but also could alt-route over
an "X.25 Subnet." That is, in IP's conceptual model, Gateways
attach to two or more comm subnets "as if they (the Gateways)
were Hosts." This means that they interpret the appropriate
Host-comm subnet processor protocol of whatever comm subnets
they're attached to, giving as the "proximate net address" of a
given transmission either the ultimate (internet addressed)
destination or the address of another Gateway "in the right
direction." And an implementation of IP can certainly employ an
implementation of ("DTE") X.25 to get a proximate net, so ... at
least "in an emergency" X.25 interface presenting Public Data
Networks can indeed carry IP traffic. (Note also that only the
proximate net's header has to be readable by the nodal processor
of/on the proximate net, so if some appropriate steps were taken
to render the data portion of such transmissions unintelligible
to the nodal processors, so much the better.)
________________
* This section was added to address the ill-founded concerns of
several ISORMites that "TCP/IP won't let you use Public Data
Nets in emergencies."
9
RFC 874 September 1982
(Further evidence that X.75 internetting is undesirable is
found in the fact that the U.S. National Bureau of Standards has,
despite its nominal adoption of the ISORM, inserted IP at
approximately L3.5 in its version of the Reference Model.)
The Off-Blue Blanket
Although touched on earlier, and not treatable at much
length in the present context, the topic of security deserves
separate mention. We are familiar with one reference in the open
literature [1] which appears to make a rather striking point
about the utility of X.25 in a secure network. Dr. Kent's point
that the very field sizes of X.25 are not acceptable from the
point of view of encryption devices would, if correct (and we are
neither competent to assess that, nor in a position to even if we
were), almost disqualify X.25 a priori for use in many arenas.
Clearly, uncertified "DCE's" cannot be permitted to read
classified (or even "private") data and so must be "encrypted
around," after all.
It would probably be the case, if we understand Dr. Kent's
point, that X.25 could be changed appropriately--if its
specifiers were willing to go along. But this is only one
problem out of a potentially large number of problems, and,
returning briefly to our concern with the interplay of X.25 and
the DoD, those persons in the DoD who know best what the problems
are and/or could be are debarred from discussing them with the
specifiers of X.25. Perhaps a sufficiently zealous ISORM
advocate would be willing to suggest that Professor Kuo's
publisher be subsidized to come out with a new edition whenever a
problem arises so that if Dr. Kent happens to spot it advantage
can continue to be taken of his ability to write for the open
literature--but we certainly hope and trust that no ISORMite
would be so tone-deaf as to fail to recognize the facetiousness
of that suggestion.
In short, it appears to be difficult to dispute the
assertion that whatever sort of security blanket X.25 could
represent would at best be an off shade of blue.
Space-Time Considerations
Another topic touched on earlier which deserves separate
mention, if only to collect the scattered data in a single
section, is that of what have been called space-time
considerations. That is, we are concerned about how well X.25 in
particular and the ISORM-derived protocols in general will
implement, both in terms of size of protocol interpreters (PI's)
and in terms of execution and delay times.
10
RFC 874 September 1982
On the space heading, certainly the fact that X.25 offers
more functionality in its end-to-end guise than is required to
fulfill its network interface role suggests that X.25 PI's will
be bigger than they need be. As an aside--but a striking one--it
should be noted that X.25's end-to-end functions are at variance
with the ISORM itself, for the "peer entity" of a DTE X.25 entity
must surely be the local DCE X.25. Perhaps a later version of
the ISORM will introduce the polypeer and give rise to a whole
new round of Layering-Theologic controversy.* Speaking of the
ISORM itself, those who hold that each layer must be traversed on
each transmission are implicitly requiring that space (and time)
be expended in the Session and Presentation Levels even for
applications that have no need of their services. The Well-Known
Socket concept of the ARM's primary Host-Host protocol, the
Transmission Control Protocol (TCP), lets Session functionality
be avoided for many applications, on the other hand--unless ISORM
L5 is to usurp the Host's user identification/authentication role
at some point. (Yes, we've heard the rumors that "null layers"
might be introduced into the ISORM; no, we don't want to get into
the theology of that either.)
On the time heading, X.25's virtual circuit view can be
debilitating--or even crippling--to applications such as
Packetized Speech where prompt delivery is preferred over ordered
or even reliable delivery. (Some hold that the X.25 datagram
option will remedy that; others hold that it's not "really
datagrams"; we note the concern, agree with the others, and pass
on.) Speaking of reliable delivery, as noted earlier some
observers hold that in order to present an acceptable virtual
circuit X.25 must have a protocol as strong as TCP "beneath"
itself; again, we're in sympathy with them. Shifting focus again
to the ISORM itself, it must be noted that the principle that
"N-entities" must communicate with one another even in the same
Host via "N-1 entities" even in the same Host is an over-zealous
application of the Principle of Layering that must consume more
time in the interpreting of the N-1 protocol than would a direct
interface between N-level PI's or such process-level protocols as
FTP and Telnet, as is done in the ARPANET-derived model.
Other space-time deficiencies could be adduced, but perhaps
a shortcut will suffice. There is a Law of Programming
(attributed to Sutherland) to the effect that "Programs are like
waffles: you should always throw the first one out." Its
relevance should become
________________
* And perhaps we now know why some just draw the highrises.
11
RFC 874 September 1982
clear when it is realized that (with the possible exception of
X.25) ISORM PI's are in general either first implementations or
not even implemented yet (thus, the batter, as it were, is still
being mixed). Contrast this with the iterations the
ARPANET-derived PI's--and, for that matter, protocols--have gone
through over the years and the grounds for our concern over
X.25/ISORM space-time inefficiency become clear irrespective of
corroborative detail. Factor in the consideration that space-time
efficiency may be viewed as contrary to the corporate interests
of the progenitors of X.25 ("the PTT's") and at least the current
favorite for ISORM Level 4 (ECMA--the European Computer
Manufacturers' Association), and it should become clear why we
insist that space-time considerations be given separate mention
even though touched upon elsewhere.*
Getting Physical
Still another area of concern over X.25 is that it dictates
only one means of attaching a "DTE" to a "DCE." That is, earlier
references to "the X.25 protocol(s)" were not typographical
errors. Most of the time, "X.25" refers to ISORM Level 3;
actually, though, the term subsumes L2 and L1 as well. Indeed,
the lowest levels constitute particular bit serial interfaces.
This is all very well for interfacing to "Public Data Nets"
(again, it must be recalled that X.25's roots are in CCITT), but
is scarcely appropriate to environments where the communications
subnetwork may consist of geosynchronous communications satellite
channels, "Packet Radios," or whatever. Indeed, even for
conventional Local Area Networks it is often the case that a
Direct Memory Access arrangement is desired so as to avoid
bottlenecking--but DMA isn't HDLC, and the "vendor supported X.25
interface" so prized by some won't be DMA either, one imagines.
(Speaking of LAN's, at least the evolving standard in that
arena--"IEEE 802"--apparently will offer multiple physical
interfaces depending on comm subnet style [although there is some
disagreement on this point amongst readers of their draft specs];
we understand, however, that their Level 2 shares X.25's end-end
aspirations--and we haven't checked up on DMA capability.) X.25,
then, imposes constraints upon its users with regard to interface
technology that are inappropriate.
________________
* The broad issue of design team composition is amplified in
Padlipsky, M. A., "The Illusion of Vendor Support", M82-49,
The MITRE Corporation, September 1982.
12
RFC 874 September 1982
Other Observers' Concerns
This paper owes much to conversations with a number of
people, although the interpretations of their concerns are the
author's responsibility. Mention should be made, however, of a
few recent documents in the area: The Defense Communications
Agency (DCA Code J110) has sent a coordinated DoD position [2] to
NBS holding that X.25 cannot be the DoD's sole network interface
standard; Dr. Vinton Cerf of the ARPA Information Processing
Technology Office made a contribution to the former which
contains a particularly lucid exposition of the desirability of
proper "datagram" capability in DoD comm subnets [3]; Mr. Ray
McFarland of the DoD Computer Security Evaluation Center has also
explored the limitations of X.25 [4]. Whether because these
authors are inherently more tactful than the present author, or
whether their positions are more constraining, or even whether
they have been more insulated from and hence less provoked by
uninformed ISORMite zealots, none has seen fit to address the
"quality" of X.25. That this paper chooses to do so may be
attributed to any one of a number of reasons, but the author
believes the key reason is contained in the following:
Conclusion
X.25 is not a good thing.
References
[1] Kent, S. T., "Security in Computer Networks," in Kuo, F.,
Ed., Protocols and Techniques for Data Communications
Networks, Prentice-Hall, 1981, pp. 369-432.
[2] Letter to NBS from P. S. Selvaggi, Chief, Interoperability
and Standards Office, 7 April 1982.
[3] Cerf, V. G., "Draft DoD Position Regarding X.25" in undated
letter to P. S. Selvaggi.
[4] Personal communications.
13
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -