[OpenAFS] OpenAFS speed - some benchmarks
Derek Atkins
warlord@MIT.EDU
26 Jun 2003 17:02:40 -0400
John Rudd <jrudd@ucsc.edu> writes:
> Well, first, let me state that I have never actually used kerberized
> NFS, I've only heard war stories.
>
> What I was told (or, rather, what I inferred from what I was told) was
> that the old (mid 90's vintage) kerberized NFS only did the kerberos
> authentication at mount time. When you request the mount, the server
> checked that the principle was authorized to mount that file system.
> But once mounted, kerberos, and the principle in question, didn't play
> much of a part.
This is ancient history and has absolutely nothing to do with NFSv4.
NFSv4 uses GSS_RPC to actually authenticate and protect at the RPC
layer, so, yes, every transaction is protected.
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available