Motorcycles are quite useful in Paris, besides busses they are a nice way to get around. As you may imagine, I like driving these beasts ... like spending 5 days and 2500km in the French and Italian Alpes, or more. Sometimes motorcycles disappear, not only under snow. In Google, sometimes this page disappears. And there are boats, they move a little bit slower. Lots of canals in France and around.
Hiermit bestätigen wir, dass wir uns zur freiheitlichen demokratischen Grundordnung der Bundesrepublik Deutschland bekennen und keine Aktivitäten entfalten, die der freiheitlichen demokratischen Grundordnung widersprechen.
EdelWeb since 1995 (EdelPhase)Ubi bene, ibi patria
After many years having worked in public research institutes, now living from commercial activities in another country and creating a company, so far, so good. Research, rapid prototyping together with public confrontation remains an important part of my work. The company was sold twice, and IBM liked our logo (, as do others).
The sections on this page contain an extract of my work, the text is organised in rough inverse chronological order.
In 1995, I spent an evening to add another dimension to the java sample three-dimension wire-frame display applet to learn a bit of the new java hype 20 years after having seen a film presented at one of the Annual Mathematical Conference in Bonn produced picture by picture to visualise four dimensions and functions of the field of complex numbers to itself.
- 2012: Public enquiry of NF Z42-020 is over.
- 2011: Back to the roots and some HTML5 hacking. I don't like <div>, as you might see in the source of this page, and elsewhere. The debate about reset.ccs vs normalize.css is nice.
- After may years, OpenSSL includes the EdelKey SRP-TLS. Some cleanup to make the code RFC 5054 conformant was necessary, and some feature to make this mode usable in nodejs. Documentation is still missing.
- Defining an architecture to update smart cards for a federation of French Complementary Health Insurance providers.
- In 2010, a specification for a mass storage USB device with encryption using zero footprint on a host system to unlock the device, e.g. by using something like "echo '1234' >/media/pindev/the.pin".
- In 2009, I became a bit more active in the FedISA association, a reasonable follow up my research of secure archiving. As such, I actively participate in the CN171 of Afnor, the French branch of ISO to develop the new NF Z42-020 (leaving the LTAP work in standby).
- 10 years anniversary of my timestamping server. It has exponential growth (roughly doubles each year).
- Do one-way permutations exist?
- Between 2008 end 2010, several activities around the company PKI for Société Générale: audit of software for the root CA structure ceremonies, development of the key ceremonies for the operational CAs, definition of an enrollment and card delivery process, specifications of usage guidelines for applications, CA policy statements. The work covered organisation, techniques, programming, and some politics.
- Kill IMSConnect's TCP stack with less than 100 TCP/IP connections.
- Quite a little bit of source code auditing of C, Cobol, Assembler, Java, Pascal, ... Although it was for security, the reality is more about quality of code.
- Specification of a profil for XML based signatures for the French DGME. This specification actually limits the whole Xades text for digital signature to a very small profile just by demanding the inclusion of a certificate reference into the signature.
- Specification of a standard for interoperation of information systems for the French Social Security Organsiations from spring 2005 to spring 2006, presented at the 2006 EPFE conference. The main point is distributed authorisation and zero footprint in the existing infrastructures.
- REACTIVATE SIMULA September 2005: With the free Hercules IBM architectures emulator and Volker Bandke's Turnkey MVS, The NCC Simula 67 compiler from 1985 is now working again. Great fun using an operating system that is ready within a second.
- Participation in the IETF LTANS working group. Together with Alexsey Jerman-Blasic, a section concerning this work was presented at the 2005 EuroPKI workshop.
- The EdelKey Project, this was presented at the 2005 EFPE conference and an section is published in the proceedings of the 12th DFN-CERT Workshop Sicherheit in vernetzten Systemen. It took 2 years to convince the OpenSSL and Apache high-priests to get the amuse-guelle part, i.e., the TLS server name extension support, included into the products, IPV4 shortage helped here a bit. And 7 years for TLS-SRP, free competition seems useful.
- Hacking with and in OpenSSL, mod_ssl, Apache HTTP, curl, wxWidgets, or Bouncycastle.
- Technical management of the EU IST project OpenEvidence (There were two motorcycle tours involved to Prague, Vienna and Ljubljana, and the other to the 2004 EPFE conference in Poland. (2002-2004). The demo software is a followup of the Clepsydre project. The is also a free PKI service.
- Participation in the EU IST project EU-PKI (2002-2003)
- Participation in the EU IST project Chronic (2000-2001)
- Studies, installation, and administration of application security infrastructures (certification authorities, secure message handling, time stamping). a little goodie was to provide an OpenSSL version directly usable with VB, i.e., with _stdcall calling conventions.
- Design and implementation of a Timestamping Demonstration Service (since October 2000), generating hundreds of fortune cookies per day.
- Design and implementation of the French La Poste Clepsydre pilot service (2000). Contrary of what was initially asked for, i.e., a service based on RFC 3161 and some proprietary user management, we choosed to use RFC 3029 - DVCS and X.509 certificates for clients which made the solution elegant and small, and it is a free X.509 certification authority.
- EdelSafe architect and development, a server based solution for signature and certificate validation using RFC 3029 - DVCS. (1999-2001). The architecture received an authorisation for use of cryptographic tools from the French authorities, since it allowed to centrally manage encryption certificates for gateways and authories.
- I wrote some part concerning confidentiality for IALTA specifications, very enigmatic,
- Project manager of the French part of the EU project EuroTrust (1996-1997). During this work, I participated in the French GTFA (Groupe de Travail de Fournisseurs d'Administration) which worked on the French contribution to the EU directive on Electronic Signatures. We also programmed a little OCSP server using a bit of reverse engineering of the Unicert ORACLE data base.
- Design and development of a MIXER-RFC 2156 gateway (X.400/88-MIME) with E3X. (1995)
- Integration of electronic micropayment systems into web servers. You could buy Le Monde in 1997 (five french francs) using the GlobeID/Klebox virtual wallet. Together with Patrick Teti, we hacked a html forms based webservice to connect the GlobeId merchant kit to the InterShop Mall software, kind of SOAP with html forms encoding.
- Tools for remote administration of web and mail servers.
- Development of prototypes and real web servers (see the list of our guests and ancient guests).
- Some other fun, like EdelForum, or the applet on this page. Part of this is an object oriented persistance storage on top of an SQL data base.
INRIA 1992-1994 (phase Unix)Fortes fortuna adiuvat
INRIA convinced me that it would good for me to spend some time in Rocquencourt near Paris allowing them to benefit a bit of my previous work, and for me to learn something new. I jumped into the Unix world and became a member of the COMISO group at INRIA.
We developped automatisation tools for the message handling operation and supervision, thus, after a short time, we all had lots of time for research.
- The Y-Net X.400 and Internet gateway project of the European Commision, and the RENATER Internet/X.400 gateway project, that was what we were payed for.
- Participation in RARE working groups for message handling and directories,
- Development of some applications using mofe/wafe, like the HiLarité MabouLe HTML editor,
- X.400/Internet MIXER gateway prototyping, work with students from Ecole de Mines, St.Etienne.
- X.500 systems for network configuration information,
- Indexing of network configuration data bases, like transforming the EARN database BITEARN NODES into an X.500 directory in various ways,
- Phonetic searching and indexing, SOUNDEX is nice, it just doesn't work well with English,
- Cooperation with Telesystemes/E3X to maintain and enhance the X.400 product ucomx400,
- Participation in the RFC 1327 review team.
EARN Office France 1991 (Phase IBM/VM) Quid sit futurum cras, fuge quaerere
GMD had started shutting down all mainframe activities, and, in particular, their IBM MVS facilities. Networking was well on road in Germany. I decided to take a break and took a sabbatical year (from GMD) to worked at the EARN Office near Paris as technical staff member (Paris is in France which is in Europe on Earth, Solar System, Milkyway, The Universe, Et Dieu créa lemonde.fr).
- Maintenance and development of network configuration management tools, i.e., GENROUTS and UPDNODES, actually not UPDNODES because it was just working fine, so I had time for other things.
- Evaluation of the X.25 networks REUNIR and IXI, NJE/OSI interoperability with VAX/VMS systems.The Joiner people were very nice partners.
- Author of the EARN Pocket Guide, in Germany the booklet was censored by DFN,
- Training of new EARN sites, e.g. SUEARN operated at the Institute of Organic Chemics at Moscow, today, it is www.free.net.
- Design, implementation and operation of gateway between IBM's internal network and EARN, in cooperation with IBM France and CIRCE Orsay. This gateway actually uses two gateways converting from the proprietary architectures towards X.400 in back to back mode. One was the standard offer from IBM for interfacing their network.
GMD 1975-1990 (Phase IBM MVS)Ne discere cessa
I worked some time with Volker Blasius at the IBM center of GMD. Volker explains the history of GMD quite well. GMD does no longer exist, the institutes have been integrated into the Fraunhofer Gesellschaft.
- IBM MVS system programmer, design, development, maintenance of OS extensions, and all that jazz, too (JES2) and very exiting.
- IBM cooperation for Network Information Center Environments, a project to create user client software to interface EARN services like the user directory, Or a NETSERV/LISTSERV file server cache. In 1984, the EARN network fileserver NETSERV by Berthold Pasch was a beast to which you talked like 'GET filename' or 'PUT filename', Older servers in BITNET and then also Eric Thomas' revised LISTSERV also used this protocol. BTW: Eric worked for some time at a well-known place in Geneva in these days. ... Montpellier->Bonn, 10 hours, 13 July 1990, and a presentation of German network activities to French scientists at Strassbourg University. The light show at the cathedrale was impressive on this 13th july. My French was "fair". I invented words like "expecter" or "bombastique".
- Development of UCLA/Mail400 in 1987, an X.400 extension of the previous including a RFC 987 gateway, sponsored by DFN. X.400 P2 data structures and RFC 822 are basicallly the same thing (as can be seen from the gateway specifications. MVS was not yet a fully dead dinosaur and UCLA/Mail together with its user interfaces was a powerful system by thousands of people, thus came the idea to add an X.400 communication module to it. This was done in cooperation with Softlab. What followed in 1988 was 16000km tour between Canada and Mexico to show my motocycle to the friends at UCLA. UCLA/Mail400 was presented during an EARN network conference in Izmir, Turkey, which led to a new customer in Strassbourg. Installing the software in hot-plug mode on a central computer of Volkswagen was done smoothly, although the Adrenalin level was raised.
- I worked with several students in order to develop prototypes for network services. For example, we developped two different gateways for the IBM SNA/NJE protocol, one written by Volker Sand in PLI/1 communicating directly with the X.25 mapped SNA LUs in the communication controller, and another, together with a student of the University of Heidelberg, written in assembler on top of OTSS/OSNS. A interoperable implementation was later made for VAX/VMS by Joiner as part of the Digital support initiative for EARN. (Yes, the company, the other dinosaur). NJE/OSI is NJE over a little bit above session layer. It actually doesn't use anything of the session layer, and flow control was not doable in the IBM stacks. Actually IBM's NJE over TCP had and still has an end to end flow control problem, NJE is a multi-channel application. Connecting two sites that had both a local NJE name UCLAMAIL created a little problem with the JES2 path management.
- Some hacking in UCLA/Mail, an electronic mail environment for MVS to be used in BITNET, EARN and the early Internet, working with colleagues in Los Angeles and Tel-Aviv, sometimes in two shifts, exchanging the code via mail.
- In 1983, the major work of restructuring system modifications was finished. Later maintenance or installing new versions of MVS, JES2 or RACF became very simple. At that time, GMD joined the European Academic and Research Network EARN and BITNET and also the Deutsches Forschungsnetz DFN I soon participated in the German EARN technical support group together with the staff at GSI Darmstadt and IBM Heidelberg, to bring in our MVS skills into this VM dominated network world. Besides my growing interest in electronic mail, working in a world wide NJE network with at its highest time 4000 network nodes operated by several hundreds of independant institutions needed some thinking and tools developement network management, routing tables, etc. I wrote UPDNODES, for example, kind of LDIF for the BITEARN NODES database To finish one of the management meetings: 800km on a motorcycle on the beautiful island of Crete during a weekend after an ERAN technical meeting.
- A full screen TSO logon procedure. About 5 years later, IBM started providing something similar with still less features. When I had some work to do on a Z/OS after 25 years, I noticed that IBM is catching up.
- Another task was a remake the user information and accounting system and use RACF for it. The result was a kind of directory systems implemented using RACF user data, and accessible through a high level API, i.e. no need for low level assembler programming.
- y first assignmment was a complete replacement of all existing system modifications by using defined exit points of MVS and JES2 and a migration of a GMD developped accounting and user management system by RACF features. The Assembler macro set mentioned below got integrated into the System Programmer's Tool Set (SPTS). One result was a kind of directory system implemented using RACF user data, and accessible through a high level user mode API, i.e. no need for low level assembler programming or APF authorized programs.
- I studied Mathematics at the University of Bonn, and graduated in 1981 with a work on Über die Anzahl geschlossener Geodätischer kompakter Mannigfaltigkeiten negativer Krümmung. (The number of closed geodesics on compact manifolds with negative curbature). Until that I worked on an internship at GMD.
- While writing the COMEDY I enhanced GMD's assembler macro set for structured programming. This macro set was also used by Klaus Birkenbihl et al. in the port the B.I.T.S system (initially developped for 360 MFT) to the MVS/TSO/ISPF environment, and later, by me, in many MVS system programs, exits, etc. The macro set became part of our the (System Programmer's Tool Set SPTS. Others added a pseudo code processor, and an assembler listing beautifier, both essentially targetted to work nicely with the macros (treating them as instructions) and unfolding of inline functions.
- TheComputer Output on Microfilm sYstem aka COMEDY, processed by a modified CALCOMP microfilm printer controller whose 48x reduction lens problems were much worse than the ones of the Hubble telescope. An important internal use of the Comedy was done by Volker to print PTF cover letters allowing to use effectively the huge sets of IBM microfiches. By accident, I didn't manage to keep the source code of the COMEDY, I just have a microfiche and a binary. It seems that I started to be interested in long term archiving of electronic material near that time, must have something to do with family history.
- A companion programm was a hacked version of the IBM MVS External Writer to transfer the results properly separated by tape labels. During that time I lost much faith in IBM's claims to be able to produce quality code, well, at least not when they program in basic assembler. Not only MVS, when I saw some VM server code (e.g. RSCS), well... Things got better with PL/S.
- A TEΧ output driver for Calcomp on 35mm film, we had no laser printer at that time. The lessons in typography and page layout became very useful later. No caligraphic studies.
During summer 1978, since I the meaning of BAL,I spent three months in the US doing some IAESTE practical training at the Swiss Colony Computation Center in Monroe, Wisconsin, and 13.000 kilometers in a Greyhound bus. (I'm talking to U).
- C.H.A. (Kees) Koster gave some programming courses at GMD; from one about CDL2 which later becameCDL3, you may see some impact in my C programs (e.g. in OpenSSL contributions) and others.
- In 1975, GMD opened its own IBM facility with an IBM /158 running under MVS. The TSO system equiped with SPF was a real difference compared to card punching.
- I started at GMD as a student to work on a CALCOMP computer graphics and microfiche systems, doing software development, maintenance and operation. Programming these machines with their 8K nonets (9 bits) of memory makes you modest. The CALCOMP mainframe software was an huge piece of FORTRAN code. The 900 controler assembler was written in FORTRAN.
- GMD also had a Telefunken computer TR 86, which possessed at that time (early 70s) an interactive vector graphic user interface GRAFSY with pull down menus, and track balls, a mouse like input device, etc, well, only 64K of words of 24 bits, and you could compile and run some FORTRAN programs. The vector graphics displays were often used for airplane traffic control at that time. One might see these in Hollywood films of that time.
In 1973, when I began my university studies at Bonn, P.P. Spies just had the great idea to introduce SIMULA 67, not only in a small 3 weeks course but during one year in order to learn the language, to program, and how the virtual machine works.
- Besides that, for programming there was the never ending waiting line at the card reader and the noisy printers, but sometimes it was also possible to use TSO on IBM MVT, the machine was an IBM /168. In other words, we could use the machine almost like a PC today, but share it among several users and all then batch processing. The machine was 100% busy, 24/24, 7/7 as they say in France.
Coming to the initial singularity:
PETER BEGIN
Hello, World.
My first attempts of computer programming was on an Olivetti Programma 101 in 1970 (if one can this a computer). I still want to remake an emulation of the machine and to remember my award winning prime number program.
The picture is part of the Programma 101 Web.
