>mpb>Encryption? There are many ways to do that already.
>ken>Okay, give me one way of encrypting my network AFS traffic today.
>
>I can't comment on _your_ network AFS traffic since I know nothing
>of your network/servers/clients etc.
But you said, "Encryption? There are many ways to do that already.".
And that's clearly not true for the AFS case; forgive me if the
IBM Firewall doesn't work for me, but we don't use either of the
two supported systems, and from the (limited) information I can
see about it, to do encryption of our AFS traffic I'd have to
install a firewall on every machine, and somehow that doesn't seem
like a scalable solution to me.
I'd rather not get into a debate about the merits of firewalls, but
right now nearly all of our application traffic on our network is
encrypted; I'd like to do the same with AFS. Seems reasonable.
The thing is, this is _NOT_ a whole lot of work here. rxkad already
supports encryption; you just need to modify the client a small (really
small) bit and you can get it working. Even Transarc at Decorum said
that they would work on this; it's a useful thing to have (and something
that's not possible today).
--Ken
