[AFS3-std] rxgk CombineTokens and enctypes

Simon Wilkinson simon@sxw.org.uk
Wed, 7 Nov 2012 16:22:29 +0000


On 7 Nov 2012, at 16:03, Andrew Deason wrote:

> On Tue, 6 Nov 2012 19:49:26 -0600
> Andrew Deason <adeason@sinenomine.net> wrote:
>
> After writing this, this morning I'm a little unclear now on why
> CombineTokens is even in the rxgk draft. From a practical perspective,
> we're not going to ever use that RPC, right? And from a theory
> perspective, every single thing about it is application-specific.

I included it in this document, because I thought it was useful to
define a building-block that could then be used as a foundation for the
application specific RPCs. There are elements of CombineTokens that are
not application specific - the way we generate the combined key, the
limits on lifetime, bytelife and expiration time. I think what happens
with encryption types and levels can probably be defined in a
non-specific manner too.

But yes, I think this discussion could be helped by looking at the
specific case of AFSCombineTokens, clearly specifying that, and then
working out what it is useful to generalise into CombineTokens. If we
decide nothing, then we can just remove CombineTokens from this
document.

OpenAFS will need to make use of the non AFS-3 rxgk, in particular for
bos. However I can't (currently) see any reasons why we would need to
CombineTokens for that application.

Cheers,

Simon.