[AFS3-std] file servers, uuids, and GSS identities

Benjamin Kaduk kaduk@MIT.EDU
Thu, 14 Feb 2013 17:15:56 -0500 (EST)


On Thu, 14 Feb 2013, Benjamin Kaduk wrote:

> no stomping on existing addresses, etc.).  We can still allow cell admins to 
> use RegisterAddrsAndKey for existing uuids, and maybe provide a tool to do so 
> and write out a "keytab" that contains the key shared between fileserver and 
> vldb.  Such upgraded fileservers would not be able to rekey themselves (say,

jhutz notes that in order to go from the nonce returned by 
VL_RegisterAddrsAndKey to an actual key, the caller of the RPC needs to 
perform PRF+ with the master key (K0) of the token of the connection and 
the two nonces.  The other uses of PRF+ are in key derivation for packet 
processing and for token combination; the key itself need not be exposed 
to security object consumers otherwise.  Using a separate utility to 
register a new fileserver and key would preserve this property, which is 
probably useful.

-Ben
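The derivation jhutz describes, worked through as an added example. This is not code from Ben's mail, from the rxgk draft or from OpenAFS; it uses an IKEv2-style PRF+ (RFC 7296 section 2.13) over HMAC-SHA-256 as a stand-in for the PRF+ the draft specifies, and the nonce ordering, nonce and key lengths, and all class and function names are assumptions. What it shows is the point of the mail: only nonces cross the RPC, and only a party holding K0 (the token master key inside the security object) can turn them into the shared fileserver/VLDB key.

```python
import hashlib
import hmac
import secrets
from typing import Optional

# Assumed construction: IKEv2-style PRF+ (RFC 7296, section 2.13) with HMAC-SHA-256.
# It stands in for the PRF+ the rxgk draft specifies; the draft's actual definition,
# nonce encoding and key lengths are NOT reproduced here.
def prf_plus(key: bytes, seed: bytes, length: int) -> bytes:
    """T1 = prf(K, S || 0x01); Tn = prf(K, T(n-1) || S || n); output is T1 || T2 || ... truncated."""
    if not 0 < length <= 255 * hashlib.sha256().digest_size:
        raise ValueError("unsupported output length")
    out = bytearray()
    prev = b""
    counter = 1
    while len(out) < length:
        prev = hmac.new(key, prev + seed + bytes([counter]), hashlib.sha256).digest()
        out += prev
        counter += 1
    return bytes(out[:length])


class SecurityObject:
    """Models the security object that owns the connection token's master key K0.
    Consumers obtain derived keys from it; K0 itself never leaves the object."""

    def __init__(self, k0: bytes):
        self._k0 = k0

    def derive_registration_key(self, fs_nonce: bytes, vl_nonce: bytes, length: int = 32) -> bytes:
        # Assumed seed layout: fileserver nonce first, then VLDB nonce.
        return prf_plus(self._k0, fs_nonce + vl_nonce, length)


class VLDB:
    """Server side of a modelled VL_RegisterAddrsAndKey (not the real RPC)."""

    def __init__(self, k0: bytes):
        self._sec = SecurityObject(k0)
        self.keys = {}  # uuid -> key shared between fileserver and vldb

    def register_addrs_and_key(self, uuid: str, fs_nonce: bytes) -> bytes:
        vl_nonce = secrets.token_bytes(16)
        self.keys[uuid] = self._sec.derive_registration_key(fs_nonce, vl_nonce)
        return vl_nonce  # only the nonce goes back over the wire, never the key


def register_fileserver(vldb: VLDB, uuid: str, k0: bytes, fs_nonce: Optional[bytes] = None) -> bytes:
    """The registration utility's side: it has to hold K0 (i.e. the token) to turn
    the returned nonce into the key, which is why this belongs in a separate tool
    rather than in an ordinary security-object consumer."""
    fs_nonce = fs_nonce if fs_nonce is not None else secrets.token_bytes(16)
    sec = SecurityObject(k0)
    vl_nonce = vldb.register_addrs_and_key(uuid, fs_nonce)
    return sec.derive_registration_key(fs_nonce, vl_nonce)


if __name__ == "__main__":
    k0 = secrets.token_bytes(32)  # constructed stand-in for the token's master key
    vldb = VLDB(k0)
    key = register_fileserver(vldb, "example-fileserver-uuid", k0)
    print("fileserver side:", key.hex())
    print("vldb side:      ", vldb.keys["example-fileserver-uuid"].hex())
```

Both sides end up with the same key without it ever appearing in the RPC; a caller that lacks K0 sees only two nonces it cannot combine.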