Currently rxgk sets the security level of a connection to that determined at token establishment time between the client and the negotiation service. There is no option for the client to select a higher level of protection for a particular connection. I'm intended on modifying the format of the rxgk authenticator (included, in encrypted form, as part of the response in the RX security handshake) so that it can include an afs_int32 "level" field. This level field will indicate the security level to be used for that connection. It is an error if the level is lower than that originally negotiated.
Comments? S. _______________________________________________ AFS3-standardization mailing list [email protected] http://lists.openafs.org/mailman/listinfo/afs3-standardization
