[AFS3-std] draft-wilkinson-afs3-rxgk-afs-01 comments

Simon Wilkinson simon@sxw.org.uk
Mon, 20 Feb 2012 20:31:30 +0000


On 20 Feb 2012, at 19:10, Dave Botsch wrote:

> define what a "client" is, what a "host" is, and what a "connection" is.
>
> 3.1 - why is it that clients SHOULD provide the user and the cache
> manager tokens instead of MUST?

Because making this a MUST would rule out the use of clients which don't
have key material for a particular cell.

>
> How are clients determining the number of users (ie what is a "user" ...
> unique afs tokens on a client, or unique local machine users attempting
> to access afs)?

I'm not sure I understand the question - I don't think clients have any
knowledge of a number of users. They have user tokens - which are just
rxgk tokens acquired by a particular user, but no knowledge of users
beyond that.

> 8. Does a fileserver establish a RXGK connection the same method as a
> normal client (since earlier parts of the document make it sound like
> the fileservers will not have any of the pre-shared keys)?

Departmental fileservers don't have access to the pre-shared keys, and
establish a key to use with rxgk by using the mechanism detailed in
section 9. Machines with access to the pre-shared key use the ticket
printing mechanism described in section 7.

Again, which mechanism to use is implementation dependent. With AFS-3,
you need, at a minimum, all of your database servers to share the
pre-shared key, but you could easily build an AFS implementation where
every fileserver has its own key material.

Cheers,

Simon