[AFS3-std] Re: rxgk-afs tokens for ptservers, etc.
Jeffrey Hutzelman
jhutz@cmu.edu
Thu, 14 Feb 2013 15:51:36 -0500
On Wed, 2013-02-13 at 12:28 -0500, Benjamin Kaduk wrote:
> On Tue, 12 Feb 2013, Andrew Deason wrote:
>
> > This requires bosserver to be running and reachable to have
> > authenticated access to e.g. ptserver, but that seems reasonable (and
> > certainly more reasonable than requiring vlserver to be up). But having
> > other services accept GSSNegotiate calls I could maybe see, though: for
> > example, if for whatever reason you can't talk to bosserver or vlserver,
> > you can still do authenticated actions on ptserver. That doesn't strike
> > me as terribly common, though, so it doesn't seem like a great concern.
> > Maybe it could be optional?
>
> I think that having each server process offer an RXGK_GSSNegotiate service
> that produces tokens only valid for that server/process pair is already
> allowed by the RXGK spec itself, and would be an implementation-specific
> thing. I'm not at present inclined to do so in the code I'm writing,
> though; I think the other things we're talking about should be sufficient.
The intent was that _any_ port on which a service is offered which
supports rxgk would also offer the rxgk service and RXGK_GSSNegotiate.
Now of course, in the case of an AFS fileserver, the server may not
actually have any GSS acceptor credentials suitable for use with that
call, in which case it would always fail.
-- Jeff