[AFS3-std] Re: rxgk token expiry
Russ Allbery
rra@stanford.edu
Wed, 31 Oct 2012 20:38:28 -0700

"Matt W. Benjamin" <matt@linuxbox.com> writes:
> There is no special rxk5 callback problem, it's the same as with rxkad,
> for traditional AFS-3. But with new RPCs as we did later with extended
> callback information, the callback channel must be protected, to get an
> equivalent level of security. We did some work towards adding an
> anonymous, secure backchannel using the rxk5 framework, but there has
> been no interest from the community in rxk5 essentially, and we stopped
> work on it.

Right: to be very clear, this is not a problem that rxk5 *introduces*, but
rather a problem that rxkad has and that rxk5 doesn't *fix*, but rxgk
does.

I don't think rxk5 does combined tokens either, which means another
similar class of problem is the ability of a local user to poison the AFS
cache, possible with rxkad but stopped in rxgk by using combined tokens
and a keyed cache manager.

--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>