[OpenAFS] Separating AFS tokens generation from Authenticatio n
Derek Atkins
warlord@MIT.EDU
10 Oct 2001 15:20:30 -0400
"Douglas E. Engert" <deengert@anl.gov> writes:
> Another nice idea, but then you get into what DFS had to do, in effect
> getting a separate ticket for each server. This required a TGT.
>
> The beauty of AFS today, is its simplicity. A token per cell.
It's a trade-off. The question is, how highly distributed do we want
to be able to be? It would be nice if the 'openafs.org' cell (for one
example, central.org is another) could have servers located all around
the world. It would also be nice if physical access to any server
would not give you full access to the cell.
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available