Prospects for K95 3.0

From the Kermit newsgroup, 23 December 2006.
Jeffrey Altman
Secure Endpoints Inc.


Date: Sat, 23 Dec 2006 00:30:17 -0500
From: Jeffrey Altman
Organization: Send private replies to jaltman at mit dot edu
Newsgroups: comp.protocols.kermit.misc
Subject: Re: Next release of Kermit 95

Frank da Cruz wrote:
> As most of you know, I've been working ever since 2003 to try to convince
> Columbia University management to authorize spending some money to produce
> a new release of Kermit 95 for Windows. With Windows Vista on the horizon
> and galloping towards us, the matter takes on a new urgency. As far as I
> can tell:
>
> http://www.columbia.edu/kermit/k95faq.html#vista

I do not foresee major issues on 32-bit Windows Vista. Where there will be issues are support for the 64-bit Windows Vista platforms. While Kermit 95 will run as a 32-bit application in the WOW64 environment, there will be issues.

Windows Vista requires applications to be digitally signed if they are going to be permitted to make outbound internet connections or accept incoming connections. The existing Kermit 95 release is not digitally signed. The binaries I distribute as updates to registered users are signed.

The Windows Internet Kermit Service is unlikely to work on Vista. The private interfaces that Kermit 95 uses to generate authentication tokens for incoming connections were removed as part of the increased security of Vista.

> K95 2.1.3 works OK on Vista: but there are some bumps, and I did not have
> the opportunity to test every little thing. In any case, it's not just
> Vista. I've written a little sketch of some of the issues and of what
> Kermit 95 3.0 might look like here:
>
> http://www.columbia.edu/kermit/k95next.html
>
> and I put up a survey to collect some info from K95 users here:
>
> http://www.columbia.edu/kermit/k95survey.html
>
> I'd appreciate it if all K95 users would take the time to fill it out.
> It's anonymous and all answers are optional. The new management here
> needs some convincing, and in the end the marketplace speaks loudest.

The most important questions that I would ask if I were Columbia University management are:

Free updates to existing Kermit 95 users will not generate revenues sufficient to underwrite the development costs.

To give users some idea of the costs of software development. Secure Endpoints Inc. has developed the Network Identity Manager which is distributed as part of MIT Kerberos for Windows version 3.1. This application cost more than $225,000 to design and implement. The AFS and K.X509 plug-ins for Network Identity Manager cost about $35,000 each.

Kermit 95 is in many ways a much more complex tool to develop and support than Network Identity Manager. It utilizes many more Windows APIs and has a much more challenging user interface. The development costs associated with the upgrade that Frank da Cruz is proposing will require approximately $65,000 to be invested in the short term. At $25 an upgrade license would require 2600 users just to break even.

I encourage you to assist Frank da Cruz make his case to management. I believe the best way to do so is to publicly state what you are willing to pay to see a future release of Kermit 95 from Columbia University.

Jeffrey Altman
Secure Endpoints Inc.
http://www.secure-endpoints.com


Kermit 95 / Columbia University / kermit@kermitproject.org / 23 December 2006