[AFS3-std] Re: afs3-rxgk-updates for 03
Andrew Deason
adeason@sinenomine.net
Thu, 1 Nov 2012 01:35:01 -0500
On Thu, 1 Nov 2012 00:08:11 -0400 (EDT)
Benjamin Kaduk <kaduk@MIT.EDU> wrote:
> >> commit 74bc8de3886728c5ace1a28a4c0eacf0c2d68275
> >> Author: Ben Kaduk <kaduk@mit.edu>
> >> Date: Wed Oct 24 22:22:10 2012 -0400
> >>
> >> Use RXGK_Levels more appropriately
> > [...]
> >> @@ -403,7 +403,9 @@ enum RXGK_Level {
> >> </t>
> >> <t>To reduce the potential for denial of service attacks, servers
> >> SHOULD only offer the CombineTokens operation to clients connecting
> >> - over an rxgk secured connection.</t>
> >> + over an rxgk secured connection. The RXGK_Level of the rxgk
> >> + connection does not affect the resiliance against denial of
> >> + service attacks.</t>
> >
> > I find the purpose of that last sentence ("don't require any particular
> > RXGK_Level") not immediately clear from that text. This is minor, but
> > possible suggested text:
[...]
> This came from a note from the Deason/Keiser/Meffie/Vitale conference
> call:
> * (Paragraph 2) It would be helpful to indicate that rxgk level doesn't matter:
> clear is ok because contents are not susceptible to sniffing/
> attack, i.e., this policy is merely DoS protection.
>
> I do think your text is more clear than mine, though I would add "SHOULD
> accept CombineTokens connections" and maybe something about the resilience
> of rxgk being as opposed to a non-secured connection. I'll put rewording
> this on my todo list.
Just to be clear, I understood what it was for, given the history and
such; I wasn't forgetting what it was about :) I just mean, the text by
itself just seems to state a fact and doesn't say what to do. ("okay, it
doesn't affect DoS. so what?")
And yes, those modifications sound good.
--
Andrew Deason
adeason@sinenomine.net