Network Working Group Dr. R. Meier and R. Ingles INTERNET DRAFT FANUC Robotics North America Category: Experimental April 1997 Expire in six months Open Software Distribution Methods Status of this Memo This document is an Internet-Draft. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet- Drafts as reference material or to cite them other than as "work in progress." To view the entire list of current Internet-Drafts, please check the "1id-abstracts.txt" listing contained in the Internet-Drafts Shadow Directories on ftp.is.co.za (Africa), ftp.nordu.net (Europe), munnari.oz.au (Pacific Rim), ds.internic.net (US East Coast), or ftp.isi.edu (US West Coast). This memo defines an Experimental Protocol for the Internet community. This memo does not specify an Internet standard of any kind. Discussion and suggestions for improvement are requested. Distribution of this memo is unlimited. Table of Contents 1. Introduction 2. How To Use This Document 3. Abstract Model Concept 4. Definitions 5. Steps and Stages 6. Supplements 7. Selection 8. Transport 9. Expansion 10. Setup 11. Configuration 12. Customization 13. Assembly 14. Integration 15. Cleanup 16. Upgrade 17. Removal 18. Example Format 19. Similarity to Consumer Goods Distribution 20. Example (NCSA httpd via Slackware) 21. Example (Microsoft Internet Explorer via Windows95) 22. Security Considerations 23. References 24. Authors' Address Meier & Ingles [Page 1] RFC NNNN Open Software Distribution Methods April 1997 1. Introduction This document provides a common framework for the coordination of standards employed in software distribution. Software distribution is divided into consecutive steps that encapsulate the procedures necessary to ensure interoperability. This document identifies the boundaries, called stages, between steps. The standards of concern to this RFC specify o the transformation of software from one stage to another, and identify o properties of the software necessary and sufficient to perform the transformation, o properties of the software guaranteed after the transformation, o and protocols necessary and sufficient to exchange information about the software and user. This document is only concerned with aspects of a standard necessary to ensure software interoperability. Increasing use of Internet Official Protocols requires an increasing volume of software to implement those protocols. Increasing interdependence of the that software requires distribution standards to keep the complexity, and consequent support costs from growing excessively. Continuing technology advances require that the standards be independent of operating system, platform, and implementation. It is hoped that this document will promote improving standards by cross-fertilization. It is also hoped that by relating standards used in concert, implementation of these standards will evolve toward seamless systems with no significant administration costs beyond selection. This document is intended to be flexible enough to accommodate advances in technology and increasing software demands, and increasing user demands. This document is intended to be complete enough to ensure the interoperability of distributed software. The authors of this document are simultaneously developing a document template as a reference implementation. This implementation will be the subject of a later RFC. Meier & Ingles [Page 2] RFC NNNN Open Software Distribution Methods April 1997 2. How To Use This Document If unfamiliar with the abstract model concept, please read that section. Please skim the definitions before reading the succeeding sections. Please read the definition of each word when you first encounter it in a section. Please read the stage and step definitions and skim the other sections before reading the examples. Please laugh while reading the informal example. The supplements in this RFC are suggestions only. It is hoped that as step standards evolve, supplement protocols will evolve as well. Software developers - Please use the step definitions as a checklist and provide users with identification of the standards supported by your software for each step. Where applicable and appropriate, please identify standards for the supplements supported by your software. Users - Please use the step definitions as a checklist to determine suitability of the standards used by the software under consideration. Stage protocol developers - Please specify an algorithm that yields a true or false determination of the ability for a given user to successfully continue. Please also specify how to exchange the user and software information necessary and sufficient to make that determination. Step standard developers - Please select stages, identify protocols required and supported, and specify the transformations between chosen stages. Supplement protocol developers - Please specify an algorithm that yields a true or false determination of the applicability for a given user, software, or step. Please specify how to use the information concerned and how to exchange the information. Meier & Ingles [Page 3] RFC NNNN Open Software Distribution Methods April 1997 3. Abstract Model Concept The abstract model in this RFC describes open users and open software. Though some internal features of open users and open software are mentioned, only external features are relevant. Internal features mentioned are examples only. A well-known example of an abstract model is the telephone call. To describe a telephone call, one might explain picking up the handset, dialing a number, talking, and replacing the handset. As an abstract model, the relevant external features include o a definite beginning and end, o selection of a recipient, and o real-time bidirectional capability. Irrelevant internal features include o handset use (headset, speakerphone, or even teletype use are fine), o dialing (touchtone (TM), or even menu selection are also options), and o talking (fax transmission, touchtone (TM) menu use, or leaving a note are also options). Meier & Ingles [Page 4] RFC NNNN Open Software Distribution Methods April 1997 4. Definitions host /n./ a collection of resources including hardware and supporting software whose behavior can be controlled by software e.g. a computer package /n./ a piece of software handled as a unit e.g. httpd-1.5.2a [4] protocol /n./ a collection of information necessary and sufficient to ensure interoperability e.g. Hypertext Markup Language - 2.0 (RFC1866) [3] software /n./ exchangeable information capable of controlling host behavior e.g. a web browser software distribution /n./ the exchange of software between users e.g. the purchase and installation of a web browser stage /n./ a state of software defined by this RFC e.g. delivered standard /n./ published information used to communicate procedures clearly e.g. File Transfer Protocol (RFC959) [1] step /n./ the transformation of software between stages supplement /n./ additional information supplied by the software, user or step user /n./ an entity that initiates software distribution e.g. a computer owner Meier & Ingles [Page 5] RFC NNNN Open Software Distribution Methods April 1997 5. Steps and Stages The steps of software distribution reflect a strictly chronological ordering of stages. At a less precise level, software must be acquired, installed, and used in that order. The following definitions provide a precise ordering based on what is known about the user and software. Meier & Ingles [Page 6] RFC NNNN Open Software Distribution Methods April 1997 The following is the chronological ordering of stages and steps. Step Stage Known to user Known to software -------------------------------------------------------------------- Available | user limits and software limits and | capabilities capabilities | nothing about the nothing about the | software user Acquire Selection | Selected | software meets | criteria Transport | Delivered | software is user | accessible Expansion | Unpackaged | software can be | manipulated Setup | Complete | software is in a | known state Install Configuration | Configured | necessary software necessary user | details are known details are known Customization | Customized | sufficient software sufficient user | details are known details are known Assembly | Assembled | necessary software necessary user | capability exists support exists Integration | Usable | the software is the user is | satisfactory satisfied Cleanup | Clean | reusable resources | not required for | use are reclaimed Use Upgrade | Current | the software is | satisfactory Removal | Removed | all reusable | resources are | reclaimed v Meier & Ingles [Page 7] RFC NNNN Open Software Distribution Methods April 1997 As a mnemonic, each step is described by a question. A corresponding standard specifies how the question is asked, answered, and how the answer is used to transform the software. Selection - How is a package uniquely identified as compatible and fit for a purpose? Transport - How is a package archived and transmitted? Expansion - How is the package divided into its components? Setup - How is the host prepared for package installation? Configuration - How is the package prepared for installation on the host? Customization - How is the package prepared for installation for a particular application? Assembly - How is the package rendered testable? Integration - How is the package rendered available for use? Cleanup - How are resources not needed for use reclaimed? Upgrade - How is the package replaced, reconfigured, recustomized, or reintegrated after use? Removal - How are all the resources allocated to package reclaimed? Meier & Ingles [Page 8] RFC NNNN Open Software Distribution Methods April 1997 6. Supplements In addition to the information that characterizes the stage, there are many other pieces of information that a standard or protocol may specify. None of the following questions are required for compliance with this RFC. Software Supplements Description - How is the package distinct? Version - How is the package identified historically? Source - From where can this package be obtained? Licensing - How is the package licensed? Author - Who wrote this package? Dependency - What is required to use this package? Incompatibility - What other packages is this package incompatible with? Support - What other packages does this package support? Options - What options does this package support? Security - How is the effect of this software isolated from other software? Endorsements - Who endorses (or discourages) use of this package? Recommendations - What other packages are useful with this package? Bugs - What are known problems with this package? Maintainer - To whom and how should bug reports, technical support requests, and suggestions be directed? Meier & Ingles [Page 9] RFC NNNN Open Software Distribution Methods April 1997 User Supplements Description - How is this user distinct? Requirements - What is required to distribute software to this user? Incompatibility - What packages is this user incompatible with? Support - What packages does this user support? Options - What options does this user support? Security - How can this user isolate software from interfering with other software? Endorsements - Who endorses (or disrecommends) this user? Bugs - What are known limitations of this user? Maintainer - To whom and how should bug reports, technical support requests, and suggestions be directed? Step Supplements Verification - How is success verified? Requirements - What is required to perform this step? Maintainer - To whom and how should bug reports, technical support requests, and suggestions be directed? Meier & Ingles [Page 10] RFC NNNN Open Software Distribution Methods April 1997 7. Selection The internal features of the description in this section are examples only. Only external features are relevant. Purpose - to identify packages that may be suitable for the intended host and application Available stage - An online catalog describes several available packages and includes a URL [2] for identification and download. Action - We read the descriptions and record the URL of the package that looks best. Selected stage - We have a URL [2] that we can use to download. Relevant features: o A suitable package is identified. Meier & Ingles [Page 11] RFC NNNN Open Software Distribution Methods April 1997 8. Transport The internal features of the description in this section are examples only. Only external features are relevant. Purpose - to deliver the package to the user Selected stage - We have a URL [2] that we can use to download. Action - We give our web browser the URL [2], download the document, and save it to local disk. Delivered stage - The software is in a local file. Relevant features: o We move the software to where we can manipulate it. Meier & Ingles [Page 12] RFC NNNN Open Software Distribution Methods April 1997 9. Expansion The internal features of the description in this section are examples only. Only external features are relevant. Purpose - to divide the package into components Delivered stage - The software is in a local file. Action - We unzip, uncompress, or untar the file. Unpackaged stage - All the components of the software are in local files. Relevant features: o We have the software in pieces appropriate to our tools. Meier & Ingles [Page 13] RFC NNNN Open Software Distribution Methods April 1997 10. Setup The internal features of the description in this section are examples only. Only external features are relevant. Purpose - to acquire the resources required to install the software. Unpackaged stage - All the components of the software are in local files. Action - We make logical links, and short cuts as necessary. Complete stage - The software is ready to install. It is in the state at the start of the installation instructions. Relevant features: o The software becomes ready to begin installation. o We put the software in a state known to the installation instruction writer. Meier & Ingles [Page 14] RFC NNNN Open Software Distribution Methods April 1997 11. Configuration The internal features of the description in this section are examples only. Only external features are relevant. Purpose - to fit the software to the host and application as far as predictable by the software Complete stage - The software is ready to install. It is in the state at the start of the installation instructions. Action - As directed by the README file, we write the domain name server, gateway, and mail server ip address in the browser.init file. We get the ip addresses from our internet service provider. Configured stage - The software knows what it needs to know about us. Relevant features: o We tell the software what it needs to about us. Meier & Ingles [Page 15] RFC NNNN Open Software Distribution Methods April 1997 12. Customization The internal features of the description in this section are examples only. Only external features are relevant. Purpose - to fit the software to the host and application Configured stage - The software knows what it needs to know about us. Action - We write a home document that points to our favorite URLs [2]. This is not needed for installation, but is desirable. Customized stage - The software still knows what it needs, but also knows what else we want to tell it. Relevant features: o We adjust the software to meet our wants. Meier & Ingles [Page 16] RFC NNNN Open Software Distribution Methods April 1997 13. Assembly The internal features of the description in this section are examples only. Only external features are relevant. Purpose - to render the software satisfactory for use Customized stage - The software still knows what it needs, but also knows what else we want to tell it. Action - We compile, link, make, etc. the software. Assembled stage - We can test the software. Relevant features: o We make the software testable. Meier & Ingles [Page 17] RFC NNNN Open Software Distribution Methods April 1997 14. Integration The internal features of the description in this section are examples only. Only external features are relevant. Purpose - to render the software available for use Assembled stage - We can test the software. Action - We move the required files, make symbolic links, make shortcuts, change permissions, and do whatever else is necessary so that the software can be used. Usable stage - The software is available for use. Relevant features: o We make the software available for use. Meier & Ingles [Page 18] RFC NNNN Open Software Distribution Methods April 1997 15. Cleanup The internal features of the description in this section are examples only. Only external features are relevant. Purpose - to render the software available for use Usable stage - The software is available for use. Action - We remove or drag to the wastebasket all the files and directories no longer needed. Clean stage - The resources used for installation but not needed for use are reclaimed. Relevant features: o We reclaim the resources used for installation so they are available for other purposes. o The software is still available for use. Meier & Ingles [Page 19] RFC NNNN Open Software Distribution Methods April 1997 16. Upgrade The internal features of the description in this section are examples only. Only external features are relevant. Purpose - to replace or modify the software while retaining specified configuration or customization Clean stage - The resources used for installation but not needed for use are reclaimed. Action - Since we just changed internet service provider, We change the ip address settings to reflect the new provider. Likewise we change our hotlist as our tastes change. Current stage - The software is available for use. The resources used for upgrade but not needed for use are reclaimed. Relevant features: o The software is still interoperable even when what it operates with changes. o We reclaim the resources used for upgrade so they are available for other purposes. o The software is still available for use. Meier & Ingles [Page 20] RFC NNNN Open Software Distribution Methods April 1997 17. Removal The internal features of the description in this section are examples only. Only external features are relevant. Purpose - to reclaim all resources allocated to the software Current stage - The software is available for use. The resources used for upgrade but not needed for use are reclaimed. Action - We remove or drag to the wastebasket all files associated with the software except those that we keep for archival purposes. Removed stage - Except for historical purposes, all resources used by the software are reclaimed. Relevant features: o Except for historical information, the host has all the resources that it would have if the software had never been installed. Meier & Ingles [Page 21] RFC NNNN Open Software Distribution Methods April 1997 18. Example Format Since this RFC is itself a human readable untagged document (RFC 1543) [7], it can contain human readable untagged documents and so the examples are presented as a human readable untagged document. The reader should be aware that this is an abstract model, and that the actual software and user will determine how information is transferred. Many standards, identify protocols that define documents, so it is probable that actual software and users will often employ documents to communicate. Other common choices include scripts and relational databases. Document Template Standard - o o ... package protocol - o o ... package protocol - o o ... Relevant Features: o o ... Meier & Ingles [Page 22] RFC NNNN Open Software Distribution Methods April 1997 19. Similarity to Consumer Goods Distribution The following example is intended to illustrate humorously how to use this RFC. The following is a tribute to the company of Fibber McGee and Molly and the company of Monty Python's Flying Circus for the decades of entertainment they gave millions. Any relation to other packages, users, or persons, living, dead or fictitious is purely coincidental. Software - a swing set for Teeny, age 3-1/2 User - Fibber McGee, the grown-up across the street Host - her backyard Selection Standard - Seres & Roehart supports the wishbook standard. o The customer reads the wishbook. o The customer notes the order number of desired packages. o The customer communicates the packages desired to the distributor by catalog and order number(s). Available package protocol - A wishbook of toys arrives shortly before Thanksgiving each year. o A wishbook contains an index of packages. o Each package has a picture, description, and price. o Each package has a unique order number. o A wishbook contains ordering procedures. o A wishbook has a unique catalog number. Meier & Ingles [Page 23] RFC NNNN Open Software Distribution Methods April 1997 As our story opens, Teeny brings the wishbook across the street, and asks Fibber to explain it to her. Teeny: "What's this?" Fibber: "It's a wishbook, Sis. It shows all kinds of things you wish you had the money to buy." Teeny: (pointing to a picture) "What's this?" Fibber: "That's a chemistry set." Teeny: "Hey Mister, I wanna chemistry set." Fibber: "But Sis, what would you do with a chemistry set?" Teeny: "Gee Mister, I'd make spinach that's really a hot dog, I betcha." Fibber: "Well Sis, that's fine, but that set's awfully expensive, wouldn't you rather have some chewing gum?" Teeny: (turning to page 523a, and pointing at the Whizzo Quality Swing Set) "I saw a picture of some swell chewing gum." Fibber: "That's not chewing gum, that's a swing set." Teeny: "What's a swing set?" Description Fibber: "It says here, 'The Whizzo Quality Swing is the most popular childrens' outdoor exercise equipment in the world." Teeny: "Is it safe for little girls?" Incompatibility Fibber: "for ages 3 and up" Teeny: "I'm only 3 and a half years old! Buy it for me Mister." "Will ya? huh, huh?" Requirements Fibber: "I don't know. It looks a mite complicated." Teeny: "I bet I can put it together. What's this say?" Standards Supported Fibber: "Assembled with ordinary tools on your kitchen table." "I don't think you quite could handle that, Sis." Teeny: "Handle what?" Fibber: "ordinary tools" Teeny: "What do you do with ordinary tools?" Fibber: "I build things." Teeny: "You can build things? Like what? Fibber: "Well like this swing here? Teeny: "You can build a Swinghear where?" Fibber: "No, build this swing, here?" Teeny: "Where?" Fibber: "On the kitchen table." Teeny: "You're going to build a kitchen table?" Fibber: "No, no, no! I'm going to build this swing set, here on the kitchen table." Meier & Ingles [Page 24] RFC NNNN Open Software Distribution Methods April 1997 Source and Licensing Teeny: "Gee thanks, Mister. I gotta go now, but when you call the phone number on the order form on p. 226, don't forget to order number WS10236-B from page 523a of Catalog 9712a, and include the $3.56 shipping to get next-day delivery of 12 pounds to zone 2 for a total charge of $39.62 on your American Expression. Selected package protocol - The order number identifies the package, and the page and catalog number are additional verification. The United States Post Office has specified rules for parcels. o The parcel must fit inside a box of specified dimensions. o The parcel must fit inside a wrapper of specified dimensions. o The weight must be reported to the next larger pound. o The source and destination address must appear in a specified format in one of several specified positions on the parcel. o Proof of payment (stamps) must appear in one of several specified positions on the parcel. Relevant features: o Teeny has selected a swing set identified by order number. Meier & Ingles [Page 25] RFC NNNN Open Software Distribution Methods April 1997 Transport Standard - Seres & Roehart will use your choice of the United States Postal Service, Federal Expansion, United Package Delivery. Fibber likes the United States Postal Service. o The common carrier will pick up the package at one of several approved locations on the sender's premises. o The common carrier's insurance carrier, the United States Interstate Commerce Commission, and the International Comite d'Aviation Organismes, enforce rules for package transport. o The common carrier will deliver the package at one of several approved locations on the recipient's premises. Selected package protocol - The order number identifies the package, and the page and catalog number are additional verification. The United States Post Office has specified rules for parcels. o The parcel must fit inside a box of specified dimensions. o The parcel must fit inside a wrapper of specified dimensions. o The weight must be reported to the next larger pound. o The source and destination address must appear in a specified format in one of several specified positions on the parcel. o Proof of payment (stamps) must appear in one of several specified positions on the parcel. Fibber and Teeny wait 4-6 weeks for delivery. Verification Teeny: "Hey mister, why did you write in that man's book?" Fibber: "Oh, hello Sis. I was just signing to show that he delivered a package." Teeny: "Who?" Fibber: "That was the mailman." Teeny: "You mean the nice man with the brown bag, blue cap, white shoes, and gold keychain who delivers nice things to little girls." Fibber: "The mailman, that busy businesslike bickerless baby blue-eyed balding bachelor with the back-breaking bag, that backache-biding, bail-bonded, badge-bearing, box-balancing, bringer of big billious bitter bills, brilliant baubles, and ball/banquet/baptism banns, that bag-bearing benevolent baron of the byways, that beagle-bitten bender of the bell button. Yeah, that's him." Delivered package protocol - The package is delivered as a box brought to the front door. The paper industry produces boxes in standard shapes and sizes. o The corrugated paper box is rectangular. o Four sides are unbroken. o The top and bottom each comprise two flaps that fold over to form an approximately flat surface. o When empty, the box collapses to a nearly flat sheet. o The top and bottom are secured with tape between the flaps and between the sides and flaps. Meier & Ingles [Page 26] RFC NNNN Open Software Distribution Methods April 1997 Relevant features: o Fibber has the package where he can use his ordinary tools on it. Meier & Ingles [Page 27] RFC NNNN Open Software Distribution Methods April 1997 Expansion Standard - The instructions contain a manifest. o Fibber opens the box, and skims the instructions. o Fibber removes each component and places it on the kitchen table. o Fibber checks each component against the manifest. Delivered package protocol - The package is delivered as a box brought to the front door. The paper industry produces boxes in standard shapes and sizes. o The corrugated paper box is rectangular. o Four sides are unbroken. o The top and bottom each comprise two flaps that fold over to form an approximately flat surface. o When empty, the box collapses to a nearly flat sheet. o The top and bottom are secured with tape between the flaps and between the sides and flaps. Teeny: "What did he bring this time?" Fibber: "Just a minute, I'll see." Teeny: (looking at the picture) "Hey Mister, it's the Whizzo Quality Swing Set I betcha." (Fibber carries the box to the kitchen floor.) Fibber: (trying to tear the top off the box) "Dad-blatted thing." Fibber: (giving up on tearing the box) "Hey Molly, where is the letter opener." Molly: (from upstairs) "I think it's in the hall closet, Dearie." Teeny: "Hey mister, what is this string?" Fibber: (walking to the hall closet) "What string, Sis?" Fibber: (as Fibber tries the hall closet door knob) "Hey Molly, where's the hall closet key?" Molly: "It's not locked, Dearie." Teeny: (as she pulls the draw string) "Hey Mister, it's open." Verification Teeny: (as she brings the manifest to Fibber trying the door knob) "What does this say?" Fibber: (as she drags Fibber back to the kitchen and starts pulling things from the box, Fibber starts reading the manifest) "High tech elastic adjustable passenger compartment, ... Consarn it, why can't they talk English?" Teeny: (as she pulls out a used inner tube) "Here it is, Mister." Fibber: (reading the manifest) "... adjustable distance frictionless joint ..." Teeny: (as she pulls out a coil of rope) "This is it, I betcha." Unpackaged package protocol - The manifest identifies the type and quantity of all components on the kitchen table. o A kitchen table is a flat surface approximately 1m x 2m. o All items on the manifest are on the kitchen table. Meier & Ingles [Page 28] RFC NNNN Open Software Distribution Methods April 1997 Relevant features: o Fibber has all the parts, as listed in the manifest, ready for installation. Meier & Ingles [Page 29] RFC NNNN Open Software Distribution Methods April 1997 Setup Standard - The instructions include a picture of the tools needed. o Fibber examines the illustration of required tools included in the instructions. o Fibber acquires each required tool and places it on the kitchen table. Unpackaged package protocol - The manifest identifies the type and quantity of all components on the kitchen table. o A kitchen table is a flat surface approximately 1m x 2m. o All items on the manifest are on the kitchen table. Fibber: "Let's see. I need a knife and ruler." Teeny: "You mean a ruler like a king?" Fibber: "No Sis, a ruler is a measuring rod. Now where is that" ruler?" Teeny: "My Dad has a fishing rod." Fibber: "Well it's not quite the same thing. Oh, I remember, I used it find my belt buckle when it fell back behind the oven while I was using it to haul up the hammer that I dropped when I was hammering in the nail to hold up the mirror that I wanted to see where the magnet went for the note that Molly told me to put on the refrigerator. Consarn that women, has to make everything so compilicated. You know Sis, your Dad uses a fishing rod to catch a fish, and I use a measuring rod to fish a catch. Teeny: "So where's the ruler, Mister?" Fibber: "Right here where I left it behind the oven." Teeny: "And I got the knife." Fibber: "Well give me that, a little girl like you shouldn't have a knife." Teeny: "Well sure Mister. A little girl like me shouldn't have a knife, but I could have a ten tool multiplex folding pocket set with, scissors, phillips and straight screwdriver, scale, pliers, pick, file and jig, I betcha." Complete package protocol - The manifest and tool list identify the components and tools necessary. o A kitchen table is a flat surface approximately 1m x 2m. o Ordinary tools include a hammer, scissors, knife, phillips head screwdriver, straight screwdriver, ruler, file, and pliers. o All tools pictured, and all components on the manifest are on the kitchen table. Relevant features: o Fibber is ready to begin installation. o The instruction writer knew what tools and components Fibber has. v Meier & Ingles [Page 30] RFC NNNN Open Software Distribution Methods April 1997 Configuration Standard - The instructions contains step-by-step procedures for fitting the package to its application. o Fibber reads each step in numeric order. o If a choice, Fibber proceeds to the indicated step. o If an action, Fibber carries out the described command. o As he performs each step, Fibber checks it off. Complete package protocol - All components and tools are ready in the assembly area. o A kitchen table is a flat surface approximately 1m x 2m. o Ordinary tools include a hammer, scissors, knife, phillips head screwdriver, straight screwdriver, ruler, file, and pliers. o All tools pictured, and all components on the manifest are on the kitchen table. Fibber: (reading the instructions) "Step 1: Choose a location to place the swing. Select a bough ..." Teeny: "What's a bough?" Fibber: (starting to speak as Teeny continues) "A bough is what a tree does when it's too stiff to curtsy." Teeny: (Starting to drag Fibber to her backyard) "Oh. I got a tree in my backyard." Fibber: "Step 2: Measure the separation of the ground from the bough as shown in Figure 1. Teeny: 'Mister." Fibber: "Measure the girth of the bough as shown in Figure 2 inset. Teeny: "Mister." Fibber: (As they arrive in her backyard)"Don't bother me Sis, this involves some mighty complicated trigger-nom-a-tree." Teeny: "Trigger-nom-a-tree? What's that?" Fibber: "That's all that stuff about angles and lines that a sailor needs to know if he's going to shoot straight." Teeny: "Oh." (as she throws one end of the rope over the bough) "You mean like this?" Fibber: "No. Suppose you wanted to know how high a tree is." Teeny: (as holds one end on the ground, pulls the other end taut and marks the length of rope from ground, over the bough and back to ground) "You mean like the water commissioner's house?" Fibber: "Exactly. With trigger-nom-a-tree, you can look at the sign of the shadow ..." Teeny: (as she pulls the rope back over the bow) "I know where there's a sign at the corner. It's red. Is that a trigonometry sign?" Fibber: "No. Trigonometry is too compilicated for a little girl." Teeny: (as she cuts the rope at the mark) "Well, if trigonometry means calculating the parameters of congruent triangles using sines, cosines, tangents, and secants then I don't want anything to do with it. Teeny: (as she collects the cut rope and the tailing) "The Pythagorean Theorem, and half-angle formulae are too much for me. Gee thanks Mister, I gotta go! Meier & Ingles [Page 31] RFC NNNN Open Software Distribution Methods April 1997 Configured package protocol - All actions necessary to fit the have been performed. o Every step is checked off. Relevant features: o Fibber (or Teeny) has adjusted the package to its application and it is ready to assemble. Meier & Ingles [Page 32] RFC NNNN Open Software Distribution Methods April 1997 Customization Standard - The instructions picture happy users and the customizations they have made. o Fibber examines the pictures. o Fibber examines the enclosed decals. o Fibber paints the tire to taste. Configured package protocol - All actions necessary to fit the have been performed. o Every step is checked off. Old timer: "Hey, Johny. What 'you got there?" Fibber: (as he crosses back to 79 Wistful Vista with the rope and yardstick) "Hey, Old-Timer. I'm making a swing for the little girl across the street." Old timer: "A swing, eh? Well young-un when I was a boy, I made a swing. I even had rockets painted on it by Picasso." Fibber: "Who was this Picasso fellow?" Old timer: "He and I used to pal around. Me and Monet used to take jigsaw puzzles to his house." Fibber: "And I suppose this Picasso fellow couldn't draw, so he used to paint over the jigsaw puzzles." Old timer: "No, he could paint right well, but he never seemed to be able to put the pieces together right." Fibber: "Well I bet I can paint better than this Picasso friend of yours. They used to call me Painter McGee." Old timer: "Don't you believe it. Well, so long rube." Fibber paints ship's rigging and splashing waves on the tire. Customized package protocol - All actions necessary to fit the have been performed. o Every step is checked off. Relevant features: o Fibber has personalized the package and the package is adjusted and ready to assemble. Meier & Ingles [Page 33] RFC NNNN Open Software Distribution Methods April 1997 Assembly Standard - The instructions contain an assembly diagram with arrows that indicate what components come together. o Fibber examines the assembly diagram. o According to each arrow, he combines two components. o Fibber examines the exploded view detail in order to tie the hangman's noose that attaches the rope to the tire. Customized package protocol - All actions necessary to fit the have been performed. o Every step is checked off. Fibber: (reading instructions) "Pass the low-friction hinge through the passenger compartment. The hangman's noose is shown there." Fibber ties one end of the rope securely to the tire. Fibber: "Hmmm. I'd better make sure that know is secure. I'll hang it from the beam in the garage." Fibber carries the rope and tire to the garage, throws the other end over the beam and draws the tire off the ground. Verification Fibber: "Hmmm. That seems strong, but I'd better put some weight on it." Fibber: (after standing on the tire) "That holds but what if it slips when swinging." Fibber: (as he starts to swing) "Sailing, Sailing, ... Avast there ye swabs. All hands on deck. Land Ho! ..." Gildersleeve: (just noticed by Fibber) " Forgot your ship didn't you, Little Chum? I'll bet this is as close as you ever got to the sea." Assembled package protocol - The assembly diagram frames a drawing of the assembled package. o The package looks like the center of the assembly diagram. Relevant features: o Fibber is ready to test the swing. Meier & Ingles [Page 34] RFC NNNN Open Software Distribution Methods April 1997 Integration Standard - The instructions contains step-by-step procedures for installing the package in various situations. o Fibber selects the section on "Installing under a tree." o Fibber reads each step in numeric order. o If a choice, Fibber proceeds to the indicated step. o If an action, Fibber carries out the described command. o As he performs each step, Fibber checks it off. Assembled package protocol - The assembly diagram frames a drawing of the assembled package. o The package looks like the center of the assembly diagram. assembled package. Fibber: (getting off the swing) "While you're standing there like a Kansas City whale, I'm installing this swing for the little girl across the street." Gildersleeve: "Whale! Now see here McGee." Fibber: (pulling the rope back off the beam, and handing the tire to Gildersleeve) "Instead of standing there like a bell with your clapper swinging why don't you take this across the street." Gildersleeve: (taking the tire) "What do you know about installing a swing?" Fibber: (taking the ladder) "More than you, Bub." Gildersleeve: (crossing the street) "Don't forget the instructions. You wouldn't know which end to put over the tree otherwise." Fibber: (setting up the ladder) "I'd not only know which end goes where, but as a sailor in the Big One, I'd even know how to tie the knot. Who ties your shoes for you?" Gildersleeve: (throwing the rope over the bough and lifting the tire) "Muscle-less, who closes the clip when you tie your tie?" Fibber: (as he ties the knot) "Now there lard-liver, better let me see if you held the tire straight." Verification Gildersleeve: (as he climbs on) "I'm warning you McGee. I'd better see if you tied the knot straight. He-he-he-he, this is all right." Usable package protocol - The swing looks like the picture. o The instructions picture happy users. Relevant features: o Fibber has rendered the package ready for use. Meier & Ingles [Page 35] RFC NNNN Open Software Distribution Methods April 1997 Cleanup Standard - The happy user pictures show what is required for use. o Fibber removes everything (ladder, ruler) from the swing area not shown in the picture. o Fibber removes everything from the kitchen table. o Fibber replaces the tools in their storage places. o Fibber puts the extra rope in the garage for later use. o Molly archives the instructions and invoice. o Fibber recycles the box and packing. Usable package protocol - The swing looks like the picture. o The instructions picture happy users. Gildersleeve: (as he trips getting off) "Oh-oh-oh!" Teeny: (as she shows up just in time to enjoy the swing) "Gee, Mister, you look silly. Do it again." Fibber: "" Gildersleeve: "T'ain't funny McGee!" Teeny: (as she gets on). "Gee, thanks Mister. This is the best swing in the whole world I betcha." Fibber: "Well there you are, Sis. Now I'd better put the everything back before Molly discovers that I took her best scissors." Fibber returns the ladder to the garage, the yardstick to the kitchen, and the scissors to the kitchen drawer. The extra rope goes on a nail in the garage. The box and unused decals go in the paper and plastic bins for recycling. Archive Molly: "Hey Dearie, What's this on the kitchen table." Fibber: "That's the bill and instructions for the swing that I built for the little girl across the street. I'll just throw them out." Molly: "That's sweet Dearie, but why don't we keep them. You never know if we might need them." Clean package protocol - Everything in the construction area (kitchen) that was not archived or integrated has been reclaimed. o The kitchen table is clean. Relevant features: o The tools (ladder, yardstick, scissors) are in the garage, ready for later use. The instructions and invoice are stored where they can be retrieved if needed later. The extra rope is ready for later use. The unused decals and box are broken down and sorted for recycling. Meier & Ingles [Page 36] RFC NNNN Open Software Distribution Methods April 1997 Upgrade Standard - A blue envelope in the mail indicates legal instructions. The upgrade is itself a package which has its own steps and stages. o Molly reads the instructions. o Molly orders the upgrade kit. o Fibber takes the swing out of service temporarily. o Fibber installs the upgrade kit, replaces the rope. o Fibber returns the swing to service. Clean package protocol - Everything in the construction area (kitchen) that was not archived or integrated has been reclaimed. o The kitchen table is clean. Inspector: "I'm here to ask about your Whizzo Quality Swing." Publicist: "It's the most popular childrens' outdoor exercise equipment in the world." Inspector: "We've had complaints about your rope." Publicist: "Our what?" Inspector: "The rope that hangs the tire from the tree." Publicist: "Oh you mean our patent-pending Constant-Distance Low-Friction hinge and Macromolecular Elastic Passenger Compartment." Inspector: "It's a spare tire and rope." Publicist: "We use only the finest spare tires hand picked on the finest nights from only the finest waste dumps. The rope was lovingly tressed from only the finest materials." Inspector: "The rope melts in the rain." Publicist: "Ah, well. That's our secret low-friction lubricant." Inspector: "It's cotton candy twined with sewing thread. Publicist: "It tested well during marketing. The children loved it. Some of them ate the entire patent-pending Constant-Distance Low-Friction hinge in one sitting." Meier & Ingles [Page 37] RFC NNNN Open Software Distribution Methods April 1997 Molly: (weeks later, looking at the mail) "Dearie, what's this blue letter?" Fibber: "Oh that's just some legalese from the government. They can't seem to say anything anybody could understand." Molly: "It looks important. Don't you think you better take a look at it." Fibber: "I ain't interested in anything the government has to say that they can't say in plain Eng-a-lish." Molly: "I think it's about that swing set you put in for Teeny a few weeks ago." Fibber: "That's another thing. After the first rain, that dad blamed swing just melted, and now there's a thousand ants there. Why, Teeny cried for days. I don't want nothing more to do with that company." Molly: "Well Dearie, it seems they want to fix it." Fibber: "Oh, they do, do they. Well, they can just wait forever before Fibber McGee gives them another nickel." Molly: "Actually, if you send in a postcard telling them how you installed it, they'll send an upgrade kit free." Fibber: "I don't even want to waste a stamp on them." Molly: "You won't have to. The postcard is business-reply mail." Fibber: "Well all right, let me see that. I guess I can handle filling as complicated a form as they can make." Molly: "I already filled it out. Please be a dear and drop it in the mailbox." Weeks later, a package arrives containing a chain and step-by-step instructions. Fibber attaches the chain, cuts away what's left of the rope, and retests it. Current package protocol - The company notifies Fibber because Molly sent in the registration card. o A registration card lets the company who to notify of upgrades. Relevant features: o The swing was temporarily unusable. o Fibber replaced the rope with a chain. o Fibber cleaned off the mess that had been the rope. o Fibber tested the swing. o The swing was usable again. Meier & Ingles [Page 38] RFC NNNN Open Software Distribution Methods April 1997 Removal Standard - Except for archived records, all encumbrances from the swing are removed. o Fibber removes all the swing components from the backyard. o Fibber puts the reusable components in the garage. o Fibber makes everything available for later use. Current package protocol - The company notifies Fibber because Molly sent in the registration card. o A registration card lets the company who to notify of upgrades. Fibber unhooks the chain from the tree and the tire. Fibber puts the chain in the garage inventory. Fibber takes the tire for recycling. Removed package protocol - Except for the archived records, every area involved, is no longer encumbered by the swing. Reusable resources acquired with the swing are available for other uses. o The kitchen is clean. o The garage is back to the condition it would be in, if the swing had not been installed. o The backyard is back to the condition it would be in, if the swing had not been installed. o The extra rope and the chain are in the garage available for other uses. Relevant features: o Everything in the swing area is reclaimed. o The swing occupies no resources. Meier & Ingles [Page 39] RFC NNNN Open Software Distribution Methods April 1997 20. Example: (NCSA Web Server via Slackware) The following example is intended to illustrate the steps and stages of a common computer environment, un*x. The following is intended as neither an endorsement nor disrecommendation of any particular software. The following is neither a complete, precise, or entirely accurate representation of the software named. The descriptions are as accurate as brevity permits, and only as precise and complete as necessary for this example. Software - Web server User - small business owner Host - IBM PC with Linux 2.0.27 Slackware 3.1 (un*x) Selection Standard - Web Search o Search the current Linux Software Map [11]. o Examine the descriptions for web servers. o Note the URL [2] of a suitable web server. Available package protocol - Linux Software Map (LSM) [11] o ftp://sunsite.unc.edu/pub/Linux/docs/LSM/LSM.current.gz Search the current Linux Software Map [12]. > grep server /usr/doc/lsm/LSM.1997-06-25 Examine the descriptions. > emacs /usr/doc/lsm/LSM.1997-06-25 Pick a suitable web server. ... Title: NCSA httpd Version: 1.5.2a Entered-date: 01JAN96 Description: NCSA httpd is a HTTP/2.0 compatible server for making hypertext and other documents available to the web community. Designed to be easy to install and configure. For online documentation open http://hoohoo.ncsa.uiuc.edu Keywords: http, daemon, ncsa, mosaic, world wide web Author: httpd@ncsa.uiuc.edu (NCSA) Primary-site: ftp://ftp.ncsa.uiuc.edu /Web/httpd/Unix /ncsa_httpd/httpd_1.5.2a /httpd-export_linux2.0.0.tar.gz Copying-policy: public domain ... Meier & Ingles [Page 40] RFC NNNN Open Software Distribution Methods April 1997 Selected package protocol - RFC1738 Uniform Resource Locators (URL) [2] o ftp://ftp.ncsa.uiuc.edu/Web/httpd/Unix /ncsa_httpd/httpd_1.5.2a/httpd-export_linux2.0.0.tar.gz Relevant Features: o We have a URL [2] that we can use to acquire the package. Meier & Ingles [Page 41] RFC NNNN Open Software Distribution Methods April 1997 Transport Standard - RFC959 (STD9) File Transfer Protocol [1] o Grant an unprivileged user, a directory in which to safely install the package. o As an unprivileged user, download the package. o Create a maintenance log as a single-point-of-reference regarding the history of this package. Selected package protocol - RFC1738 Uniform Resource Locators (URL) [2] o ftp://ftp.ncsa.uiuc.edu/Web/httpd/Unix /ncsa_httpd/httpd_1.5.2a/httpd-export_linux2.0.0.tar.gz Make a directory and give it to an unprivileged user. > sudo mkdir -p /usr/packages/httpd-1.5.2a > sudo chown tool /usr/packages/httpd-1.5.2a > su tool Create a directory to hold the original package, and other archives. > mkdir -p /usr/packages/httpd-1.5.2a/original > cd /usr/packages/httpd-1.5.2a Start a maintenance log on this package. > emacs original/README.out Download the package > lynx -source ftp://ftp.ncsa.uiuc.edu/Web/httpd/Unix /ncsa_httpd/httpd_1.5.2a/httpd-export_linux2.0.0.tar.gz > original/httpd-export_linux2.0.0.tar.gz Security - Except for the initial directory creation, no privileges were required. Accidental and malicious interference are minimized by the use of an unprivileged user, tool, that owns only this one directory. Un*x will veto any attempt to alter any part of the system not open to the world, or in this one directory. Delivered package protocol - gzip(1) [6], tar(1) [5] o The package is a single compressed archive file. Relevant Features: o The package is on the local machine. o The effect of the package is restricted to a directory. Meier & Ingles [Page 42] RFC NNNN Open Software Distribution Methods April 1997 Expansion Standard - tar(1) [5] o Uncompress the file. o Read the license terms. Delivered package protocol - gzip(1) [6], tar(1) [5] o The package is a single compressed archive file. Uncompress the file. > tar -zxvf original/httpd-export_linux2.0.0.tar.gz Read the license terms. > cd httpd_1.5.2a-export > emacs COPYRIGHT Read the introduction called README. Read the administrivia files (indicated by UPPER-CASE filenames). Security - No privileges were required. Un*x will veto any attempt to alter any part of the system not open to the world, or in this one directory. Unpackaged package protocol - Un*x filesystem [8] o The administrivia files have standard upper-case names e.g. README. o The files are in standard locations relative to the package root, e.g. src, lib, var. Relevant Features: o All the files are now on the local machine, where they can be manipulated. o The installation instructions in a readable file, httpd/README. o The licensing, history, known bug list, etc. are in identified readable files. Meier & Ingles [Page 43] RFC NNNN Open Software Distribution Methods April 1997 Setup Standard - make(1) [9] o Execute a platform independent script Unpackaged package protocol - Un*x filesystem [8] o The administrivia files have standard upper-case names e.g. README. o The files are in standard locations relative to the package root, e.g. src, lib, var. Execute the script > make Please choose a system type. Valid types are aix3, aix4, sunos, sgi4, sgi5, hp-cc, hp-gcc, solaris, netbsd, svr4, linux, next, ultrix, osf1, aux, bsdi, sco5 If you do not have one of these systems, you must edit src/Makefile, src/portability.h, src/config.h, cgi-src/Makefile, and support/Makefile Choose a system > make linux Security - No privileges were required. Un*x will veto any attempt to alter any part of the system not open to the world, or in this one directory. Complete package protocol - Linux Filesystem Structure [8] o The administrivia files have standard upper-case names e.g. README. o The files are in standard locations relative to the package root, e.g. src, lib, var. Relevant Features: o The files are in an accessible place and form. o The required tools have been found. o The installation instruction writer knows the file placement. o The installation instruction writer can access the tools. Meier & Ingles [Page 44] RFC NNNN Open Software Distribution Methods April 1997 Configuration Standard - American National Standards Institute Data Interchange Format (DIF) o Configure the package by editing the values in a human readable database. o The package reads the configuration file at the start of each session and when instructed to reread it. Complete package protocol - Linux Filesystem Structure [8] o The administrivia files have standard upper-case names e.g. README. o The files are in standard locations relative to the package root, e.g. src, lib, var. Comma-separated-variables, tab-separated-variables, and Intel-format are common names for DIF files using particular comment character field separator pairs (#, #\t, !:) Copy the example configuration files. > mkdir ../conf > cp conf/access.conf-dist ../conf/access.conf > cp conf/httpd.conf-dist ../conf/httpd.conf > cp conf/srm.conf-dist ../conf/srm.conf Edit the configuration files. > emacs ../conf/*.conf (Read the instructions in the comments.) (Set the appropriate directories, permissions, names, etc.) Configured package protocol - American National Standards Institute Data Interchange Format (DIF) o Each configuration file is divided into lines separated by a linefeed and/or carriage return. o The first line is a header. o Every line after the first is a record with 0 or more fields followed by an optional comment. o The first character of the file is the comment character. o The second character of the file is the field separator. o The remainder of the header is ignored. o The comment begins with the comment character and continues to the end of the record. o Fields are separated by the field separator. Security - No privileges were required. Un*x will veto any attempt to alter any part of the system not open to the world, or in this one directory. Relevant Features: o The configuration files are a database that can be read by the package. o The configuration files are editable by the installer. Meier & Ingles [Page 45] RFC NNNN Open Software Distribution Methods April 1997 Customization Standard - This is described in detail in the configuration files [4]. o Create and populate a documents directory. o Create and populate a gateway directory. Configured package protocol - American National Standards Institute Data Interchange Format (DIF) o Each configuration file is divided into lines separated by a linefeed and/or carriage return. o The first line is a header. o Every line after the first is a record with 0 or more fields followed by an optional comment. o The first character of the file is the comment character. o The second character of the file is the field separator. o The remainder of the header is ignored. o The comment begins with the comment character and continues to the end of the record. o Fields are separated by the field separator. Create a documents and gateway directory > mkdir ../htdocs ../cgi-bin Add your web pages and gateways. Security - No privileges were required. Un*x will veto any attempt to alter any part of the system not open to the world, or in this one directory. The AccessFileName optionally in each directory lets the user flexibly restrict access to any or all of his web according to need and desire. Customized package protocol - This is described in detail in the configuration files [4]. o Each document is in a file under DocumentRoot directory. o The default DocumentRoot is ../htdocs. o The directory hierarchy under DocumentRoot determines the hierarchical portion of the documents URL [2]. o A file DirectoryIndex maps to a URL [2] pointer. o The default DirectoryIndex is index.html o A file AccessFileName optionally present in each directory determines who is allowed access to the documents and gateways. o The default AccessFileName .htaccess ... Relevant Features: o The installer can add documents and gateways without the foreknowledge of the package writer. o The installer can tell the package what he wants it to know by placing the documents, gateways, and customization files where the package expects to find them. Meier & Ingles [Page 46] RFC NNNN Open Software Distribution Methods April 1997 Assembly Standard - Since the package includes binaries and is configured by database, there is no assembly required. Customized package protocol - This is described in detail in the configuration files [4]. o Each document is in a file under DocumentRoot directory. o The default DocumentRoot is ../htdocs. o The directory hierarchy under DocumentRoot determines the hierarchical portion of the documents URL [2]. o A file DirectoryIndex maps to a URL [2] pointer. o The default DirectoryIndex is index.html o A file AccessFileName optionally present in each directory determines who is allowed access to the documents and gateways. o The default AccessFileName .htaccess ... Try it. > mkdir ../bin > mv bin/httpd ../bin > bin/httpd & Surf some with your favorite browser. > mosaic Security - No privileges were required. Un*x will veto any attempt to alter any part of the system not open to the world, or in this one directory. Assembled package protocol - Un*x filesystem [8] o The executable is ../bin/httpd. o The configuration is in ../conf o The documents are in ../htdocs o The gateways are in ../cgi-bin Relevant Features: o The executable is in the normal search path, and ready to run. Meier & Ingles [Page 47] RFC NNNN Open Software Distribution Methods April 1997 Cleanup Standard - Un*x filesystem [8] o Remove the expansion directory. o Verify that all directories no longer needed for use or archive are removed. Assembled package protocol - Un*x filesystem [8] o The executable is ../bin/httpd. o The configuration is in ../conf o The documents are in ../htdocs o The gateways are in ../cgi-bin See what directories exist. > ls .. bin cgi-bin conf htdocs httpd_1.5.2a original Remove everything but the usage and archive directory. > cd .. > rm -rf httpd_1.5.2a Security - No privileges were required. Un*x will veto any attempt to alter any part of the system not open to the world, or in this one directory. Clean package protocol - Linux Filesystem Structure [8] o The usable files are in bin conf htdocs and cgi-bin. o The installation notes and the original package are in original. o Everything else is deleted. Relevant Features: o Except for what is needed for use, and archive, all disk space and tools are available for other uses. Meier & Ingles [Page 48] RFC NNNN Open Software Distribution Methods April 1997 Integration Standard - Linux Filesystem Structure [8] o Change ownership of the server and its configuration to a webmaster. o Change ownership of the processes to an unprivileged user, http. o Change ownership of the directories, documents and gateways to a librarian. o Change ownership of the access files to a wizard. o Add the server daemon to the set of system daemons. Clean package protocol - Linux Filesystem Structure [8] o The usable files are in bin conf htdocs and cgi-bin. o The installation notes and the original package are in original. o Everything else is deleted. Change ownership of the server and its configuration to a webmaster (system administrator). This requires user manager privileges. > find bin conf original -exec sudo chown webmaster.www {} ';' Change ownership of the processes to an unprivileged user (guest account). This requires webmaster privileges. > emacs conf/httpd.conf (Edit the User and Group records.) Change ownership of the documents and gateways to a librarian (data manager). This requires user manager privileges. > find htdocs cgi-bin -exec sudo chown librarian.www {} ';' Change ownership of the access files to a wizard (security manager). This requires user manager privileges. > find htdocs cgi-bin -name .htaccess \ > -exec sudo chown wizard.www {} ';' Add the server daemon to the set of system daemons. This requires root (system administration) privileges to edit the system configuration. > emacs conf/httpd.conf (Edit the Port record.) > emacs /etc/inittab (Add a record for httpd.) (Make an entry in the maintenance log.) Meier & Ingles [Page 49] RFC NNNN Open Software Distribution Methods April 1997 Security - Since this is the first point at which there is any intention to remove the package from isolation, this is the first point at which privileges are required. Only specific privileges need be granted. Since this is a small business, the six users, system administrator, user manager, webmaster, librarian, and wizard are only one person. The chief cook and bottle washer may choose to use the same username for all or any subset of the above six users. The benefit of using several usernames is protection against accidentally altering access restrictions, configuration, or content. The benefit of using one username is the convenience of not changing username to let Linux know what your intentions. Usable package protocol - Un*x filesystem [8] and user assignments. o No ownership is required to request a document or gateway. o The system administrator owns the system ports and daemons. o The webmaster owns the server and configuration files. o The wizard owns the access restriction files. o The librarian owns the document and gateway files. Relevant Features: o Anyone can read the documents and use the gateways within the restrictions set by the access files. o Only the webmaster can read or modify the server daemon or its configuration files. o Only the wizard can modify the access restriction files. o Only the librarian can modify the documents and gateways. o Only the process started as a system daemon can access port 80, the default web server port. Meier & Ingles [Page 50] RFC NNNN Open Software Distribution Methods April 1997 Upgrade Standard - Standard engineering division of responsibility. o The system administrator maintains host reliability. o The webmaster maintains the server reliability. o The wizard maintains server security. o The librarian maintains server utility. Usable package protocol - Un*x filesystem [8] and user assignments. o No ownership is required to request a document or gateway. o The system administrator owns the system ports and daemons. o The webmaster owns the server and configuration files. o The wizard owns the access restriction files. o The librarian owns the document and gateway files. "One, a robot may not injure a human being, or through inaction, allow a human being to come to harm. ... Two, a robot must obey the [legitimate] orders given it by human beings except where such would conflict with the First Law. ... And three, a robot must protect its own existence as long as such protection does not conflict with the First or Second Laws." - I, Robot, Runaround, Dr. Isaac Asimov 1942 [10] The web server will not harm the business or its customers by giving away secrets or by failing to supply pertinent information. The wizard maintains this by editing the access restriction files. The web server will satisfy the reasonable document and gateway requests. The librarian maintains by editing the documents, gateways, and documents, as the pertinent information changes. The web server will be available for business and customer use. The web master maintains this by editing the configuration files, as the system administrator keeps the host running. Current package protocol - The Three Laws of Robotics [10] o The web server will not hurt the business. o The web server will satisfy the documents and gateway requests. o The web server will be available for customer use. Relevant Features: o The server is secure, useful, and available. Meier & Ingles [Page 51] RFC NNNN Open Software Distribution Methods April 1997 Removal Standard - "Everything goes except the memory." o Read the maintenance log. o Remove the server daemon from the system daemon set. o Archive the maintenance log. o Remove all the server directories. Current package protocol - The Three Laws of Robotics [10] o The web server will not hurt the business. o The web server will satisfy the documents and gateway requests. o The web server will be available for customer use. Remove the server daemon to the set of system daemons. This requires root (system administration) privileges to edit the system configuration. > emacs /etc/inittab (Delete the httpd record.) (Make an entry in the maintenance log.) Archive the maintenance log. Requires archive manager privileges. > cp original/README.out ~archive/httpd_1.5.2a.README.out Remove the server directories. Requires user manager privileges. > rm -rf /usr/packages/httpd_1.5.2a Removed package protocol - Un*x Filesystem [8] o The maintenance log is archived. o No other directories or files are occupied by the server. Relevant Features: o The server daemon no longer occupies the system scheduler. o The server no longer occupies memory or disk space. o All resources are made available for other uses. Meier & Ingles [Page 52] RFC NNNN Open Software Distribution Methods April 1997 21. Example: (Microsoft Internet Explorer via Windows95) The following example is intended to illustrate the steps and stages of a common computer environment, Windows95. The following is intended as neither an endorsement nor disrecommendation of any particular software. The following is neither a complete, precise, or entirely accurate representation of the software named. The descriptions are as accurate as brevity permits, and only as precise and complete as necessary for this example. Software - Web browser User - Household computer owner Host - IBM PC with Windows95 Selection Standard - Recommendation by The Internet Ramp (an internet service provider) o Read The Internet Ramp Software Menu [13] Available package protocol - Recommendation by internet service provider. [13] o Menu button Read The Internet Ramp home page and navigate to their software recommendations. Selected package protocol - Menu button o [Download IE 3.02 without TIR Registration Dated 6/19/97] Relevant Features: o We know how to acquire the package. Meier & Ingles [Page 53] RFC NNNN Open Software Distribution Methods April 1997 Transport Standard - RFC2068 HyperText Transfer Protocol [14] o [Download IE 3.02 without TIR Registration Dated 6/19/97] o (In the file browser) Create a new folder C:\packages\Internet Explorer 3.02 o (Accept the default filename) msie30.exe Selected package protocol - Menu button o [Download IE 3.02 without TIR Registration Dated 6/19/97] Click on the button Security - Windows95 warns you that an untested application could introduce a virus and offers to save the application in a file. Delivered package protocol - Self-extracting file o c:\packages\Internet Explorer 3.02\msie30.exe Relevant Features: o The package is on the local machine. Meier & Ingles [Page 54] RFC NNNN Open Software Distribution Methods April 1997 Expansion Standard - Open self-extracting file Setup, Configuration, Customization, Assembly, Cleanup, Integrated Standard - setup wizard o Open the file. o Read the license terms. o Execute the setup wizard. Delivered package protocol - Self-extracting file o C:\Packages\Internet Explorer 3.02\msie30.exe Open the file. (double click on it) Answer the setup wizard questions. Find for the files altered by the setup wizard. [Start:Find:Files or Folders ...] Security - Identifying the files altered can give an indication what other services may have been impacted. Usable package protocol - Windows95 Application o The executable is C:\Packages\Internet Explorer 3.02\msie30.exe. o An [Internet] icon appears on the desktop. o An [Internet] icon appears under [Start:Settings ...:Control Panel] Relevant Features: o Internet Explorer appears on the desktop and under [Start]. Meier & Ingles [Page 55] RFC NNNN Open Software Distribution Methods April 1997 Upgrade Standard - Windows95 Control Panel o Open the internet control panel. Usable package protocol - Windows95 Application o The executable is C:\Packages\Internet Explorer 3.02\msie30.exe. o An [Internet] icon appears on the desktop. o An [Internet] icon appears under [Start:Settings ...:Control Panel] Open [Start:Settings ...:Control Panel:Internet]. Select settings from the dialogs, and [Apply] them when satisfied. Current package protocol - Windows95 Application o The executable is C:\Packages\Internet Explorer 3.02\msie30.exe. o An [Internet] icon appears on the desktop. o An [Internet] icon appears under [Start:Settings ...:Control Panel] Relevant Features: o Internet explorer supports the desired options. Meier & Ingles [Page 56] RFC NNNN Open Software Distribution Methods April 1997 Removal Standard - Windows95 Uninstall o Open the software control panel. Current package protocol - Windows95 Application o The executable is C:\Packages\Internet Explorer 3.02\msie30.exe. o An [Internet] icon appears on the desktop. o An [Internet] icon appears under [Start:Settings ...:Control Panel] Open [Start:Settings ...:Control Panel:Add/Remove Programs]. Select [Internet Explorer 3.02] and open [Add/Remove ...]. Removed package protocol - (nothing left) o All the registered files are removed. Relevant Features: o The browser no longer occupies memory, disk space, or other resources. Meier & Ingles [Page 57] RFC NNNN Open Software Distribution Methods April 1997 22. Security Considerations This RFC raises no security issues directly. Security consideration is a supplement that should be addressed by every protocol, standard, package and user. See section Supplement subsection Security above. Meier & Ingles [Page 58] RFC NNNN Open Software Distribution Methods April 1997 23. References [1] Postel, J. and Reynolds J., "File Transfer Protocol (FTP)", STD 9, RFC 959, Internet Architecture Board, 1974. [2] T. Berners-Lee, L. Masinter, and M. McCahill, "Uniform Resource Locators (URL)", RFC 1738, Internet Architecture Board, December 1994. [3] T. Berners-Lee and B. Connolly, "Hypertext Markup Language - 2.0", RFC 1866, Internet Architecture Board, November 1995. [4] Beth Frank, Brandon Long, and Scott Powers, NCSA HTTPD Server Development Group, "NCSA HTTPd", ftp://ftp.ncsa.uiuc.edu /Web/httpd/Unix/ncsa_httpd/httpd_1.5.2a /httpd-export_linux2.0.0.tar.gz [5] John Gilmore and Free Software Foundation, "tar - the GNU version of the tar archiving utility", TAR(1), Slackware, 22 September 1993 [6] Free Software Foundation, "gzip, gunzip, zcat - compress or expand files", GZIP(1), Slackware [7] Postel, J., "Instructions to RFC Authors", STD 1, RFC 1543, Internet Architecture Board, 1993. [8] Daniel Quinlan, "Linux Filesystem Structure", http://www.pathname.com/fhs/1.2/fsstnd-toc.html, 1994 [9] Free Software Foundation, "make - GNU make utility to maintain groups of programs", MAKE(1), Slackware [10] Dr. Isaac Asimov, "Runaround", I, Robot p.30-55, pub. by Bantam Books, ISBN 0-553-29438-5, 1942 [11] Jeff Kopmanis, Lars Wirzenius, and Aaron Scrab, "Linux Software Map", ftp://sunsite.unc.edu/pub/Linux/docs/LSM/LSM.README [12] Jeff Kopmanis, Lars Wirzenius, and Aaron Scrab, "Linux Software Map", ftp://sunsite.unc.edu/pub/Linux/docs/LSM/LSM.current.gz [13] The Internet Ramp, "The Internet Ramp Software Menu", http://www.tir.com/softdown.html [14] R. Fielding, J. Gettys, J. Mogul, H. Frystyk, T. Berners-Lee, "Hypertext Transfer Protocol -- HTTP/1.1", Internet Architecture Board, 1997. Meier & Ingles [Page 59] RFC NNNN Open Software Distribution Methods April 1997 24. Author's Address Dr. Robert J. Meier FANUC Robotics North America 3900 West Hamlin Rd Rochester Hills, MI 48309-3253 Phone: 1-248-377-7469 EMail: robert.meier@fanucrobotics.com Raymond A. Ingles FANUC Robotics North America 3900 West Hamlin Rd Rochester Hills, MI 48309-3253 Phone: 1-248-377-7735 EMail: ray.ingles@fanucrobotics.com Meier & Ingles [Page 60]