On Tue, 12 Feb 2013, Andrew Deason wrote:
> This requires bosserver to be running and reachable to have authenticated access to e.g. ptserver, but that seems reasonable (and certainly more reasonable than requiring vlserver to be up). But having other services accept GSSNegotiate calls I could maybe see, though: for example, if for whatever reason you can't talk to bosserver or vlserver, you can still do authenticated actions on ptserver. That doesn't strike me as terribly common, though, so it doesn't seem like a great concern. Maybe it could be optional?
I think that having each server process offer an RXGK_GSSNegotiate service that produces tokens only valid for that server/process pair is already allowed by the RXGK spec itself, and would be an implementation-specific thing. I'm not at present inclined to do so in the code I'm writing, though; I think the other things we're talking about should be sufficient.
-Ben
