On 20 Feb 2012, at 19:10, Dave Botsch wrote:

> define what a "client" is, what a "host" is, and what a "connection" is.
>
> 3.1 - why is it that clients SHOULD provide the user and the cache
> manager tokens instead of MUST?

Because making this a MUST would rule out the use of clients which don't have key material for a particular cell.

> How are clients determining the number of users (ie what is a "user" ...
> unique afs tokens on a client, or unique local machine users attempting
> to access afs)?

I'm not sure I understand the question - I don't think clients have any knowledge of a number of users. They have user tokens - which are just rxgk tokens acquired by a particular user, but no knowledge of users beyond that.

> 8. Does a fileserver establish a RXGK connection the same method as a
> normal client (since earlier parts of the document make it sound like
> the fileservers will not have any of the pre-shared keys)?

Departmental fileservers don't have access to the pre-shared keys, and establish a key to use with rxgk by using the mechanism detailed in section 9. Machines with access to the pre-shared key use the ticket printing mechanism described in section 7. Again, which mechanism to use is implementation dependent. With AFS-3, you need, at a minimum, all of your database servers to share the pre-shared key, but you could easily build an AFS implementation where every fileserver has its own key material.

Cheers,

Simon
