Not knowing the details but reflecting on what the summary said and what I do know of Xwindows style systems...
Plan 9 sure puts a lot of trust in the network.
We have learned, since that time, that trusting the network isn't really a good idea. Even a local network might not really be trustworthy.
The division of services that they describe sounds quite wonderful for normal office tasks; but doesn't work well for networks that can shard or for remote users that tunnel in (VPN) and might be disconnected.
I don't know how true that really is. It certainly trusts that the network is there, and after authentication/authorisation it trusts that network devices are not malicious — but that's no different from anything else.
I do think that there's some excellent work yet to be done in authenticating local networks. How do I know that the DHCP server I'm talking to is the right DHCP server for my network? How do I know that the WiFi access point I'm talking to actually is who it says it is?
Really, that is a specific instance of the broader problem of naming. I don't have an answer, but I'd love to read some attempts to get at the answer.
It doesn't put more trust in the network than NBD or NFS does. You don't access your root filesystem over a 3G connection or a flakey VPN on any platform. But, if you mount a remote filesystem that isn't root, disconnecting isn't fatal, you just have to reconnect when the connection is back (aan can handle that).
One of the plan9 users put a lot of work into a terminal boot disk that supports rootfs over flakey connections.
Also, last I checked I believe 9front supports mounting root over AAN which supports roaming between networks and flakey connections.
I had no idea it supported SSL (I assume modern versions TLS?), that actually is more forward thinking then I had supposed was involved given it's age.
You can wrap any connection in SSL, no extra code required. Single point of update / failure. Sigh
Plan9 makes the impossible simple, every user I know laments going back to Unixes. "No problem, I'll just.... Oh, not plan9"
I think the parent comment was actually referring to the flexibility and ease of tunneling connections/services through SSL on Plan 9 versus on unices. It's the generality of the way Plan 9 handles it (everything is a file) that makes life easy.
Actually, the opposite is the case. SSL is not forward in any way. That's why in the post above you can find cinap hinting towards the much more clean alternative he implemented for the 9front specific protocols, without any need of horrible certificates.
I like to imagine that something like containers could provide a rationalised POSIX successor like Plan 9 while still cooperating in the main with a less-clean kernel like Linux. Not certain exactly how that'd work, but it might provide a nice path to building cleaner systems.
Anyone had any experience running the RaspberryPi Plan9? It seems like the ideal way to set up a small cluster using some cheap RaspberryPi Zeros as compute, maybe one for file storage and another as a terminal.
The Plan9 raspberry pi is probably the easiest way to get Plan 9 up and running, but not very powerful. The default image only has a 2gb partition. If you're interested in venti, it's a difficult process that needs to be manually set up (vs the ISO installer where it just asks you if you want to install fossil or fossil+venti) It makes a great introduction to Plan 9, and would probably make a great terminal for an existing Plan 9 cluster, but I wouldn't try making a cluster of them.
I use mine as a login server (and something to drawterm into when I want to play around with Plan 9 without booting up a VM), which is a great use case for it. I initially wanted to use it for Go development, but:
1. I had to start by writing a git client, which I never finished enough to be useable.
2. plan9/arm is only in Go tip (and will be in 1.7)
Interesting stuff. I was always intrigued by Plan9 (via Go). The same thought had crossed my mind too, that Plan9 may be a great dev environment for Go; apparently the 9p package is excellent.
Plan 9 sure puts a lot of trust in the network.
We have learned, since that time, that trusting the network isn't really a good idea. Even a local network might not really be trustworthy.
The division of services that they describe sounds quite wonderful for normal office tasks; but doesn't work well for networks that can shard or for remote users that tunnel in (VPN) and might be disconnected.