> 0) Venti contains neither authentication nor authorization. If you > care, you are advised to stick it on a trusted network, or listen only > on loopback. > > 1) The venti protocol reserves space for auth (see VtTauth0 and > VtTauth1 in /sys/include/venti.h), but I'm pretty sure nobody > implements it. Certainly I haven't found any definition of those > fields.
it is typical to not do authentication or authorization on block-level storage. venti may be fancy, but it's still block storage. iscsi notwithstanding, storage networks tend to be pretty locked down. > 4) There's always ssl or the like. Some people argue that's the best > path to take; I'm less convinced. i think it makes a lot of sense to use ssl like a streams module. push it when necessary. (venti already requires a streaming protocol, so this isn't a big loss.) for a lower-level solution, you could also use various flavors of vpn. - erik
