[AFS3-std] draft-wilkinson-afs3-rxgk-afs-03 addresses SetCallBackKey

Benjamin Kaduk kaduk@MIT.EDU
Mon, 19 Aug 2013 09:34:57 -0400 (EDT)


On Fri, 16 Aug 2013, Benjamin Kaduk wrote:

> In any case, I am inclined to require that calls generating extended callback 
> promises must be performed using a combined token including the cache manager 
> identity, and only the cache manager identity (a single-identity token) 
> should be used for the SetCallBackKey.  We may need to adjust the 
> AFSCombineTokens text slightly to enforce this; I think we currently only say 
> that cache managers with multiple users SHOULD provide token1 as a CM token, 
> but do not restrict other uses of token1.  Requiring that token1's identity 
> be a single host-based name seems like a matter for application policy, not a 
> protocol-level constraint, so I did not add any text of that nature.

While making an editing pass over the document, I noticed that the 
description for the token0 and token1 arguments to AFSCombineTokens 
specifies them as having been returned by a previous call to GSSNegotiate, 
that is, tokens from the non-AFS CombineTokens call are prohibited.
This brings some simplicity to the identity management needed, but 
potentially limits the ability to use compound identities, but on the 
other hand, managing such things in the prdb would be rather challenging.

-Ben