[OpenAFS] packet sniffing and file content

Sam Hartman hartmans@mekinok.com
16 Jul 2001 18:21:08 -0400


>>>>> "David" == David R Boldt <dboldt@usgs.gov> writes:

    David> I may use the OpenAFS clients.  Are there any changes on
    David> the horizon which would affect compatibility the
    David> IBM/Transarc Servers?

The gatekeepers have stated a commitment to maintaining protocol
compatibility.

Once krb5 support gets integrated, then there will effectively be two
security protocols; a new implementation will not be able to get the
security advantages when talking to old implementations.

As a matter of policy some sites--particularly those that care about
security--will configure their servers/clients not to talk to IBM's
servers/clients until IBM gets around to implementing krb5.  The
protocol compatibility will still be there, but just as with SSL where
you can require particular cryptosystems be used, you will be able to
do the same with AFS.

Of course all of this is in the future; the timing of the future
depends on who finds money to work on what projects.