On Tue, Jun 8, 2010 at 10:28 PM, David A. Desrosiers < [email protected]> wrote:
> On Tue, 2010-06-08 at 22:22 -0400, Phillip Moore wrote: > > OK, GSSAPI-ized, but that doesn't pronounce very well.... > > > GSSAPI'nated! :) > > guh-sap-in-ated > Perfect!! I love it..... > > Since we don't have anyone banging on our door wanting to bootstrap > > anything (I haven't heard from ANY of our early adopters in many > > weeks), I am debating what to do next. NFSv4 is very, very tempting > > since I've read a lot about it in the last week or so, and it looks > > relatively straight forward. We also need to think about backporting > > the GSSAPI support into EFS 2, as well (which really won't be that > > hard; to code OR to deploy). > > Hold off on planning anything just yet (at least until after tomorrow's > team meeting), there's some "stuff" coming at us, which may deplete our > resources just a bit, but they do eventually converge at NFSv4. > Well, until I know what mysterious "stuff" you're alluding to, I can't possibly comment. > > Regardless of where we go next, we can now say with confidence that > > EFS has very robust and secure authentication. If we start using > > NFSv4, we'll be able to say that about the underlying filesystem, > > too. > > That's a huge milestone. Now let's see if we can't get people playing > with things like ZFS and AFS under the hood, and make the underlying fs > "pluggable". I don't know that the design I have will really make anything "pluggable", since each of the supported filesystems are so very different. NFSv3 vs NFSv4 is mostly no ACLs, vs ACLs. But NFS vs AFS is a totally different animal. The entire paradigm for managing the directory tree changes. I really need to take a day and go ahead and write up the OpenAFS design, which will help clarify this. I will say I'm pretty sure that if I can get my own AFS cell up and running, I'll bet I can develop basic AFS support in 2-3 weeks. At this point, we just need people playing with EFS, even if it's just an insecure NFSv3 environment. >
_______________________________________________ EFS-dev mailing list [email protected] http://mailman.openefs.org/mailman/listinfo/efs-dev
