At 8:39 PM -0500 6/13/03, Nathan Neulinger wrote:
You can't encrypt unless the connection is authenticated.
You would be blocking all non-authenticated
system:anyuser access.
That may or may not be a good idea, but should be kept
in mind.
Would it make sense if 'fs setcrypt' would automatically fall
back to use non-encrypted connections to any volumes accessible
by system:anyuser (and *only* those volumes) if the connection
is not currently authenticated?
This seems "reasonable" to me, since all of those files are
world-readable anyway. Of course, I'm sure I could think of
arguments against the idea, if I actually wanted to... :-)
maybe have a third option, 'fs setcrypt allprivate'
(a lousy name, but my mind is drawing a blank right now)
--
Garance Alistair Drosehn = [EMAIL PROTECTED]
Senior Systems Programmer or [EMAIL PROTECTED]
Rensselaer Polytechnic Institute or [EMAIL PROTECTED]
_______________________________________________
OpenAFS-info mailing list
[EMAIL PROTECTED]
https://lists.openafs.org/mailman/listinfo/openafs-info
