[AFS3-std] rxgk: client determined security level
Simon Wilkinson
simon@sxw.org.uk
Fri, 11 Mar 2011 15:59:53 +0000
Currently rxgk sets the security level of a connection to that =
determined at token establishment time between the client and the =
negotiation service. There is no option for the client to select a =
higher level of protection for a particular connection. I'm intended on =
modifying the format of the rxgk authenticator (included, in encrypted =
form, as part of the response in the RX security handshake) so that it =
can include an afs_int32 "level" field. This level field will indicate =
the security level to be used for that connection. It is an error if the =
level is lower than that originally negotiated.
Comments?
S.