[34] in Layered Athena
Notes from Layered Athena Policy meeting
daemon@ATHENA.MIT.EDU (nschmidt@Athena.MIT.EDU)
Thu Aug 26 11:40:19 1993
From: nschmidt@Athena.MIT.EDU
To: layered-athena@Athena.MIT.EDU
Date: Thu, 26 Aug 93 11:39:08 EDT
This meeting was held on August 16 to discuss policy re 3rd party licensed
software and Layered Athena. Attendees were those listed in the To: line of
the forwarded message.
------- Forwarded Message
Received: from MIT.MIT.EDU by po6.MIT.EDU (5.61/4.7) id AA28787; Mon, 16 Aug 93 17:27:35 EDT
Received: from TRAVELER.MIT.EDU by MIT.EDU with SMTP
id AA15312; Mon, 16 Aug 93 17:27:24 EDT
Message-Id: <9308162127.AA15312@MIT.EDU>
Date: Mon, 16 Aug 93 17:27:25 EST
From: cec@MIT.EDU (Cecilia d'Oliveira)
To: dmw@MIT.EDU, gjackson@MIT.EDU, jis@MIT.EDU, mar@MIT.EDU, nschmidt@MIT.EDU,
tjm@MIT.EDU
Subject: Notes from Layered Athena policy meeting
We agreed that we could view 3rd party software used within Athena in three
categories:
1. Software that comes with the equivalent of an unlimited site license
2. Software that comes with some restrictions on use (type of user, "use
within Athena", MIT-owned machines, educational vs. research, number of
copies, etc.) but without a vendor-supplied license manager capable of
enforcing restriction
3. Software that comes with restriction on use and with a vendor-supplied
license manager capable of enforcing restrictions.
(Examples include Frame, Autocad)
We agreed that we're covered for Category 1 software by standard AFS
restrictions on access to our file servers (authuser or
Kerberos-authentication)
We agreed that Category 3 software is not a problem for us as long as we
have a manageable mechanism for generating the "approved node" list for
each license manager, i.e. Jeff's bit in Moira plus software that will
allow someone other than Jeff to administer the bit. All public machines
would be configured to have access to all third party software. Private
and departmental machines would be configured for access only after paying
their third party licensing fee.
Category 2 software presents us with the most problems. Although we are
covered for MIT-site restrictions by standard AFS protections, we do not
currently have any means of enforcing restrictions within MIT. Solutions
here might ultimately include our own license manager, a vendor-supplied
license manager or unrestricted licenses.
We then reviewed the wording of the current licenses that are perceived to
be in Category 2.
- -Sabre C: "MIT-owned machines"
- -Matlab: "machines administered by Athena"
- -S+: "machines dedicated to Project Athena"
- -Common Lisp: "for machines used within Project Athena"
This led us to ask the age-old question "what is athena?" We decided that
restrictions on use which have relate to use within Project Athena have
become sufficiently ambiguous as to be meaningless. The availability of
Layered Athena will ultimately mean that virtually any Sun, DEC, HP, IBM or
other popular Unix workstation with connections to the network can be
configured as an "Athena" machine. Given this we decided that our working
definition of Athena machines would be "those machines connected to the MIT
network". This would preclude use of third party software on machines not
connected to MITnet. The number of machines covered in this working
definition might make vendors unwilling to cut us terrific deals for third
party software in the future but we project that most vendors who want
restrictions on use in the future will offer license managers.
With these decisions made we set the following action items.
1. Mark and the Layered Athena team should move forward and prepare plans
for going into test with the Layered Athena DECstation/Ultrix prototype
this fall. The test will involve half a dozen system managers and will
start in a few weeks as soon as the team feels ready.
2. Naomi will go back to Connie and Karen to discuss the problem of
"Athena-use" restrictions in software licenses. She'll tell them that we
have decided to interpret these licenses as restricting use to "any user
capable of authenticating to our Kerberos servers" using "any machine
connected to the MIT network".
3. Jeff and Tim will take the lead in implementing the Iron solution (i.e
adding Jeff's bit in the Moira/host table database) for Category 3 software
in the January timeframe. This will include the extra bit in the database,
plans for generating files for specific license servers, administrative
support plan for "flipping the bit", etc. Jeff will begin by working with
Dot to identify a target third party software package for a test.
4. Tim will take the lead in getting an estimate for the work involved in
finishing off the license server project using "best efforts" approach
rather than the "ironclad" restrictions previously used. This should also
be designed to use Jeff's bit for authorization to restricted third party
software.
5. Someone (who??) will call Sabre to get us the file we need in 30 days
to cover us for the coming year.
------- End of Forwarded Message
