On Tue, 27 Mar 2007, Jeffrey Hutzelman wrote: > >>> the requirements. > >> > >> The group that developed the rxgk proposal spent a long time looking at > >> the security requirements for AFS. > >> > >> http://www.afsig.se/afsig/space/rxgk-hackathon-2007/outline-rxgk.pdf > >> > >> I'm posting the document instead of transcribing the text because the > >> contents are color coded to indicate what can be fixed and what cannot > >> be. > >> > >> The rest of the rxgk content can be obtained from > >> > >> http://www.afsig.se/afsig/space/rxgk-hackathon-2007 > > > > > > Incidentally, the particular problem Marcus posits here is one we > > considered, and for which rxgk has an obvious solution in the form of its > > combine-tokens operation. I do not think it would be appropriate at this > > point in time to attempt to add this functionality to rxkad. > > Oh, BTW, this approach lends itself quite easily to situations in which the > individual client hosts do not have keys, by giving the server a public key > and authenticating rxgk token establishment with PKU2U instead of GSS-krb5.
Not to be an ass, but can we post this to our wiki? (i didnt see it.) Our project LOOKS dead. New info is needed and this could generate a little bit of interest if just for the sake of keeping appearances. *shrugs* -------------------------------------- Sean O'Malley, Information Technologist Michigan State University ------------------------------------- _______________________________________________ OpenAFS-devel mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-devel
