Re: [OpenAFS] ADS and MIT Kerberos transition auth continued

2009-07-09 Thread Vincent Fox
Simon Wilkinson wrote: On 9 Jul 2009, at 16:50, Douglas E. Engert wrote: Depends on what data you put in AFS, and is the AFS network traffic sniffable You would need to do a risk assessment of your situation. And when you do that risk assessment, consider the sentiments expressed in: http

Re: [OpenAFS] ADS and MIT Kerberos transition auth continued

2009-07-09 Thread Simon Wilkinson
On 9 Jul 2009, at 16:50, Douglas E. Engert wrote: Depends on what data you put in AFS, and is the AFS network traffic sniffable You would need to do a risk assessment of your situation. And when you do that risk assessment, consider the sentiments expressed in: http://xkcd.com/538/ S.

Re: [OpenAFS] ADS and MIT Kerberos transition auth continued

2009-07-09 Thread Douglas E. Engert
Eric Chris Garrison wrote: Jeffrey Altman wrote: Garrison, Eric C wrote: 07/08/09 14:53:56 07/09/09 00:53:44 afs/afstest.iu@ads.iu.edu renew until 07/09/09 14:53:40, Etype (skey, tkt): AES-256 CTS mode with 96-bit SHA-1 HMAC, AES-256

Re: [OpenAFS] ADS and MIT Kerberos transition auth continued

2009-07-09 Thread Russ Allbery
Eric Chris Garrison writes: > Jeffrey Altman wrote: >> The answer is right above. AES-256 is not DES-CBC-CRC > > I'm told by our ADS admin that DES3 isn't supported, That wouldn't help; AFS doesn't support DES3 anyway. > and DES-CBC-CRC is somewhat weak by modern standards. How concerned > sh

Re: [OpenAFS] ADS and MIT Kerberos transition auth continued

2009-07-09 Thread Eric Chris Garrison
Jeffrey Altman wrote: > Garrison, Eric C wrote: > >> 07/08/09 14:53:56 07/09/09 00:53:44 afs/afstest.iu@ads.iu.edu >> renew until 07/09/09 14:53:40, Etype (skey, tkt): AES-256 CTS mode >> with 96-bit >> SHA-1 HMAC, AES-256 CTS mode with 96

Re: [OpenAFS] Network becomes terribly slow when cache manager flushes updates over xDSL

2009-07-09 Thread Harald Barth
> The standard is ICMP WOULD FRAGMENT. We have tried years ago. MTU detection through ICMP is not feasible on networks you do not control. > People who block that don't deserve functional apps. Don't cater to them. Unfortunately the people who block are not the ones who take the hit. The amoun