[OpenAFS] my afs wish list

Derrick J Brashear shadow@dementia.org
Wed, 30 Apr 2003 10:09:57 -0400 (EDT) 

On Wed, 30 Apr 2003, Marcus Watts wrote:

> > Scrapping the kaserver is hard, because lots of people want us to become
> > another krb5 KDC vendor. I think the discussion leading up to this point
> > states pretty clearly we have plenty that's uniquely ours to solve on our
> > plate without looking for solved problems to rehash.
>
> Well, there are some nifty things that kaserver does that are nice,
> like ubik replication & automatic tgt rekeying.  But I agree, that's
> not an openafs problem and not a reason to keep kaserver around.

Sooner or later one of the krb5 implementors will support a floating
master, instant update database.

> > Anyhow, as far as encryption goes, I'm really hoping some of the krb5
> > people will speak up. They have meaningful experience we can draw upon,
> > instead of doing something expedient you could plaster a smile on my
> > face(*) if we did something correct.
>
> Guess I'm just an imitation krb5 person.

I have no idea, truthfully. I was referring to the krbdev people, and the
heimdal people. I suppose what I said doesn't explicitly refer to that
narrow a scope, and it's an arbitrary limit anyway.

> As best I can tell, the k5 code that supports multiple DES enctypes
> mainly creates annoying problems and is not well liked.  I would say
> the goal of most current k5 protocol work is to avoid creating any more
> messes like this.  I'm sure Ken Hornstein or others will correct me if
> I'm wrong on this.

I think it's really the non-DES enctypes which end up being interesting
for us.

> I think that's sufficient to support file servers that do AES(128) vs.
> DES and to allow for possible future growth for other enctypes, such as
> AES256.  It's not sufficient to cover different flavors of AES128.
> These don't exist in K5.  So far at least, it doesn't sound like
> there's good reason for this to exist in openafs either.

My gut feeling is *if* there ends up being a problem with AES, it would be
nicer if we left a door open for ourselves early instead of needing to
again jury-rig a solution later.