| I seem to recall some discussion long ago on info-afs regarding encryption
| of file service traffic between AFS client and AFS server. As I recall it
| was said at the time that this capability was present in standard AFS
| clients and servers, but that the setting to turn it on in the client was
| not documented and presumably not supported. Can anyone confirm or deny
| whether in fact this capability exists?
Confirmed (the switch is in the client, no server mods are required, though
it's not a regression-tested code path).
| I believe that our site would find it useful for this to be a
| standard supported feature.
There was indeed info-afs discussion; on Sat, 8 Feb 1997 15:06:36 -0500 (EST) in
Chaskiel M Grundman <[EMAIL PROTECTED]> announced to info-afs:
...
/ A patch that fixes this (and also allows you to use
/ authenticated/checksummed data transfer in addition to encypted data
/ transfer), and provides a pioctl interface to get/set this variable is
/ available if anyone wants it
I believe cg2v's patch was based on a patch from Derrick Brashear.
MIT opened TR-404234 and defect 9998 with patches to add support to
the client and a flag to fs to enable encryption. Somehow this
TR/defect got closed (as we noticed last week during periodic open-TR
review), and we're not sure yet under what conditions that
happened. This patch was a modification of the CMU patch (fixed some
stuff).
Probably the right approach is to inquire of [EMAIL PROTECTED]
regarding the above defect and/or TR numbers.
--jhawk
