[AFS3-std] tokens for bosserver

Benjamin Kaduk kaduk@MIT.EDU
Thu, 14 Feb 2013 14:02:11 -0500 (EST)


In an attempt to summarize the discussion and move forward, it sounds like 
we are in agreement that the bosserver should offer the RXGK_GSSNegotiate 
RPC, and tokens obtained from that service should only be used with 
bosservers.

I think that the most promising approach is probably to have an 
afs3-bos@cell GSS identity for each machine running a bosserver, and use 
that for the GSS negotiation service.  Tokens thus obtained will be tied 
to that particular machine's bosserver, and 'bos -localauth' will only be 
able to affect the local machine upon which it is running.  It does make 
administering machines serving multiple cells cleaner, though, and 
preserves our abstractions.


Barring objections, I'll plan to add some additional text along the lines 
of "Other AFS infrastructure wishing to use rxgk (for services which are 
not database or file servers, such as for system management purposes) 
SHOULD offer a key negotiation service for each rxgk-using application; 
tokens obtained from such a negotiation service SHOULD only be used 
against that application.  For services with a port assignment from IANA, 
the GSS identity used for the negotiation service SHOULD use the name from 
the port assignment, as <name>@<hostname>.  For example, a bosserver 
running on port 7007 of the machine www.example.com would use the GSS 
identity afs3-bos@www.example.com."


Hmm, maybe the last sentence is not needed.

-Ben