[OpenAFS-devel] mdw @ google - what I did

Marcus Watts mdw@umich.edu
Thu, 06 Nov 2008 15:35:29 -0500 

The hackathon organizers are asking that we each confess
to all the evils we did while out in California.

So, -
/1/ I updated "rxk5" version of aklog to match 1.5.54.
This was the last bit of the rxk5 version of openafs that I hadn't
updated to match the lastest 1.5.  aklog has ad hoc logic
for the realms, principals, and order in which it tries.  Previous
changes for rxk5 didn't merge well with those changes.  Several
developers had strong opinions on the value of the ad hoc logic,
so I did the "conservative" change were I kept as much of
that logic (and its behavior) as possible.

/2/ I talked with various folks about "rxk5 version 2".
Love was there, which was good.  We didn't actually cover much new
ground but I think we pretty much agreed we were converging
on many similar design ideas.  A couple areas of interest:
/a/ talking about tradeoffs between public key cryptography
	and pre-shared host keytabs.
	using pre-shared host keytabs is attractive to large
		kerberos sites - but doesn't work well for
		"foreign cell" connections.
/b/ using existing standards or software vs. devising
	purpose-built variants.
	Existing stuff has the advantage others have done
	a lot of work already - and the disadvantage it may not
	serve the particular need well.
/c/ windows kerberos peculiarities.  Windows in some environements
	may issue tickets with large pacs.  The argument was made that
	it is not reasonable to expect windows kerberos administrators
	to be capable of turning off the large pac option for
	afs service tickets.

/3/ I started going through openafs rxk5 changes to try to categorize
changes.  Some of the other openafs developers would like to see much
finer grained changes sets, so I went looking to see how that would
work out with rxk5.  I got through about 10% of the diff and came with
82 distinct "changes".  So, I estimate this will encompass about 500-1000
changes at the level requested.

/4/ I listened to "git" conversations.  Other folks were very excited
about git, and had many glowing things to say about it.  Now I want
to use git too.

/5/ I managed to see a bit past the "secret" doors at Google.  I'm a
vegetarian, and I drink tea.  The Google folks were kind enough to let
me get a vegetarian sandwich at their cafeteria, and get replacement hot
water for hot tea.  Now I just have to convince the University that we
should have the same amenities here that Google employees get.

				-Marcus Watts