[OpenAFS] Future of AFS? Interesting Ideas!?
Derrick J Brashear
Sun, 5 Jan 2003 18:47:08 -0500 (EST)
On 5 Jan 2003, Patrick J. LoPresti wrote:
> Derrick J Brashear <firstname.lastname@example.org> writes:
> > Agree. We ran krb5 and kaserver in a loosely synchronized manner at
> > CMU for a while, it was unpleasant. The tradeoff is now we have
> > fixed-master replication. Sigh.
> I was 1/4 serious when I suggested contributing Ubik code to OpenLDAP.
> An Ubik-based krb5 server would be pretty cool, too. I wonder if the
> maintainers would even be interested, though.
The Ubik election code would be good. The Ubik "database" backend isn't a
database. I think I said this already.
> Derrick also wrote:
> > Do you think Kerberos is not (part of) said solution? Do you feel
> > LDAP is? I'm mostly just curious.
> LDAP is an overengineered monstrosity. But it appears to be the only
> game in town (except for Active Directory, of course). So yeah, I
> suppose I consider it part of the solution. I wish there were a
> decent free implementation.
OpenLDAP is decent. It just isn't what (everything) I want from a
> Kerberos, on the other hand, I am not so sure about. Web-based
> services are a very important class of application, and it is quite
> possible that they will be the only important class in the long run.
> So perhaps the fully standardized "Global Public Key Infrastructure"
> is the real solution. Too bad it's a myth...
I expect the Kerberos problem will be solved for the Web before we get to