[OpenAFS-devel] Re: FCrypt Spec for AFS rxkad

Bjoern Groenvall bg@sics.se
19 Dec 2000 13:58:00 +0100

>>>>> "Ted" == Ted Anderson <ota@transarc.com> writes:

Hi ted,

Ted> Specification of FCrypt: Encryption for AFS Remote Procedure

Ted> This is a prose description of the FCrypt enciphering algorithm
Ted> used by Rx, the AFS remote procedure call (RPC) system, to
Ted> provide packet authentication and privacy.  It is intended that
Ted> it be complete enough to enable an interoperable implementation
Ted> of FCrypt to be constructed without reference to the proprietary,
Ted> export-restricted AFS source code.  However, it does not describe
Ted> Rx or rxkad or how they make use of FCrypt to protect network
Ted> packets.

Thanks for the spec. It would have been really nice to have all this
documentation available when I implemented the "liberated rxkad". It
would have saved me from a lot of experimentation.

To the best of my knowledge the liberated rxkad implementation found
in ftp://ftp.pdc.kth.se/pub/krb/src/krb4-1.0.4.tar.gz (lib/rxkad) is
compatible and also binary compatible with the libraries that Transarc
used to (not) ship.

If the OpenAFS team has any problems with export restrictions of rxkad
code, and if they think that my implementation could help in sorting
these problems, please use this code as a substitute.


  _     _                                               ,_______________.  
Bjorn Gronvall (Bjrn Grnvall)                        /_______________/|     
Swedish Institute of Computer Science                  |               ||
PO Box 1263, S-164 29 Kista, Sweden                    | Schroedingers ||
Email: bg@sics.se, Phone +46 -8 633 15 25              |      Cat      |/
Cellular +46 -70 768 06 35, Fax +46 -8 751 72 30       `---------------'