This is a second call for review of a new Rx security class that encapsulates cleartext peer identity assertions in the security header. As discussed in Edinburgh, the idea is to reduce the probability of race conditions between client and server by asserting peer identities (e.g. via transmission of host UUIDs for AFS-3) that are independent of the peer's transport address set.
The second major component of this document are changes to multi-homed Rx connection semantics. The core problem was that an Rx client would drop the IPv4 address which was bound as the peer on the server, and then the connection would entirely break (because server responses were no longer going to the intended peer), thus stalling the client until timeout. This memo proposes a method which allows peers to seamlessly transition between address sets. Admittedly, this does open cleartext Rx connections up to duplex connection hijacking attacks, whereas legacy Rx merely was open to simplex attacks. http://tools.ietf.org/html/draft-tkeiser-rxrpc-sec-clear-00 Cheers, -Tom _______________________________________________ AFS3-standardization mailing list [email protected] http://michigan-openafs-lists.central.org/mailman/listinfo/afs3-standardization
