Additional comments... 1.1 requirements langauge - define client, application, and connection (I am guessing that "client" refers to an individual workstation, and "connection" refers to each individual application attempting to access afs? Anyway, definitions here would help
startparams ... so, is this affected by the security level set on the client? If the client wants "encryption", should it also say it will take "integrity" and "clear"? Or is the expectaion that the client will only ask for "encryption" with no fallback? As an aside, what's the feedback mechanism to the user so that the user knows he/she is getting what he/she asks for? And can the encryption level be downgraded upon renegotiation? 8.1 Overview - the "challenge" referenced, is that the chanllenge in the below section(s)? "the standard RX security establishment protocol"... to what is this referring (a section in this document or something in another document? 10.1 - why aren't RX Abort packets protected? Where do these fit in? Reference, please. -- ******************************** David William Botsch Programmer/Analyst CNF Computing [email protected] ******************************** _______________________________________________ AFS3-standardization mailing list [email protected] http://lists.openafs.org/mailman/listinfo/afs3-standardization
