[OpenAFS-devel] Rx over TCP to solve some NAT & Firewall issues?
Dean Anderson
dean@av8.com
Fri, 21 Nov 2003 00:23:28 -0500 (EST)
On Thu, 20 Nov 2003, Derrick J Brashear wrote:
> we're arguing semantics. i posit it's authentication on top of, not in,
> ssl. anyhow...
That is possible. But you can have the SSL layer verify the client
certificate, and obtain information about the certificate, which can be
used for authentication. It may be only semantic buggery, but I'd posit
the part on top of SSL is authorization. SSL verified the certificate, and
obtained the information about its owner.
> Still sounds like moving from one antique to another;-)
Yes. hehe. But 2 years ago, I'd never have thought I'd ever deploy a new
afs installation. Yet here I am. Some things were ahead of their time.
> > And there are still sites using DCE, and the open dce list is active.
>
> I bet more are using AFS, and if you want to argue that it's the
> open-sourceness, that more were before there was an OpenAFS.
Its probably close. There aren't many running DFS, but the non-DFS parts
RPC, CDS, etc) were ported to linux some years ago.