[OpenAFS] Future of AFS? Interesting Ideas!?

Paul Blackburn mpb@est.ibm.com
Mon, 06 Jan 2003 11:51:28 +0000


Turbo Fredriksson wrote:

>>>>>>"Ken" == Ken Hornstein <kenh@cmf.nrl.navy.mil> writes:
>>>>>>            
>>>>>>
>
>    Ken> There _are_ Kerberized options for
>    Ken> open-standard mail protocols like SMTP/POP/IMAP; you would
>    Ken> need to ditch Notes, of course (but would ditching Notes
>    Ken> really be that bad? :-) ).
>
>It SHOULD be possible to replace the LDAP server within Notes with
>an external one (like OpenLDAP). If this is done, one SHOULD be able
>to use the Kerberos password to authenticate (but not use the ticket
>on the workstation)....
>
>Then at least you'll get the same PASSWORD (syncronized), but no SSO.
>_______________________________________________
>OpenAFS-info mailing list
>OpenAFS-info@openafs.org
>https://lists.openafs.org/mailman/listinfo/openafs-info
>  
>
Hmmm, don't get me started with Notes! <shudder></shudder>

I think MIT's Kerberos is a pretty good technology for
authentication on open networks.
It's just a pity it is not implemented more commonly.

I think it is a mistake to try and solve the single-sign-on problem with 
OpenAFS.
We could propose any auth technology, but will everyone accept and use it?

I think a more achieveable goal could be getting OpenAFS
kernel modules into the Linux source tree. A key benefit
would be to have OpenAFS more easily available on more
Linux ports/distros with less bias towards Intel x86 ports.
--
cheers
paul                            http://acm.org/~mpb