On Thu, 14 Feb 2013, Benjamin Kaduk wrote:
> no stomping on existing addresses, etc.). We can still allow cell admins to use RegisterAddrsAndKey for existing uuids, and maybe provide a tool to do so and write out a "keytab" that contains the key shared between fileserver and vldb. Such upgraded fileservers would not be able to rekey themselves (say,
jhutz notes that in order to go from the nonce returned by VL_RegisterAddrsAndKey to an actual key, the caller of the RPC needs to perform PRF+ with the master key (K0) of the token of the connection and the two nonces. The other uses of PRF+ are in key derivation for packet processing and for token combination; the key itself need not be exposed to security object consumers otherwise. Using a separate utility to register a new fileserver and key would preserve this property, which is probably useful.
-Ben

_______________________________________________
AFS3-standardization mailing list
[email protected]
http://lists.openafs.org/mailman/listinfo/afs3-standardization
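The derivation Ben describes, written out as an added example (this is not code from the thread or from OpenAFS): PRF+ in the RFC 4306 sense, keyed with the connection token's master key K0 and seeded with the two nonces, producing the key the fileserver and vldb will share. The assumptions are mine: HMAC-SHA256 stands in for whatever PRF the enctype actually binds, the seed is the client nonce followed by the server nonce, the 32-byte output length, and the names `prf_plus`, `TokenMasterKey` and `register_fileserver_key` are hypothetical. The `TokenMasterKey` wrapper illustrates the point about exposure: the registration utility holds K0 and hands out only derived keys, so the fileserver (the security object consumer) never sees K0 itself.

```python
import hmac
import hashlib

def prf_plus(key: bytes, seed: bytes, length: int) -> bytes:
    """PRF+ as in RFC 4306 section 2.13 (assumption: HMAC-SHA256 as the PRF).

    T1 = PRF(K, S | 0x01), T2 = PRF(K, T1 | S | 0x02), ... ; output is
    T1 | T2 | ... truncated to `length` bytes. The block counter is a single
    octet, so more than 255 blocks is an error rather than a silent wrap.
    """
    out = b""
    prev = b""
    counter = 1
    while len(out) < length:
        if counter > 255:
            raise ValueError("PRF+ counter would overflow a single octet")
        prev = hmac.new(key, prev + seed + bytes([counter]), hashlib.sha256).digest()
        out += prev
        counter += 1
    return out[:length]

class TokenMasterKey:
    """Holds K0 from the connection token and exposes only derivations of it.

    Hypothetical wrapper: the registration utility owns this object, so the
    fileserver never handles K0, only the derived shared key.
    """
    def __init__(self, k0: bytes):
        self._k0 = k0

    def derive(self, seed: bytes, length: int = 32) -> bytes:
        return prf_plus(self._k0, seed, length)

    def __repr__(self) -> str:  # never print the master key by accident
        return "TokenMasterKey(<hidden>)"

def register_fileserver_key(token_key: TokenMasterKey,
                            client_nonce: bytes,
                            server_nonce: bytes,
                            length: int = 32) -> bytes:
    """Key shared between fileserver and vldb after VL_RegisterAddrsAndKey.

    Assumption: the seed is client_nonce || server_nonce, where server_nonce
    is the nonce the RPC returned. Both sides run this with the same K0 and
    nonces and obtain the same key; the result is what the utility would
    write to the fileserver's "keytab".
    """
    return token_key.derive(client_nonce + server_nonce, length)

def demo():
    # Constructed sample values, not real protocol traffic.
    k0 = hashlib.sha256(b"constructed token master key").digest()
    client_nonce = bytes(range(16))
    server_nonce = bytes(range(16, 32))

    # The registration utility (client side of the RPC) and the vldb each
    # derive the shared key from K0 and the two nonces.
    utility_side = register_fileserver_key(TokenMasterKey(k0), client_nonce, server_nonce)
    vldb_side = register_fileserver_key(TokenMasterKey(k0), client_nonce, server_nonce)

    # A different server nonce (e.g. a replayed or tampered reply) yields
    # an unrelated key, so the two sides would simply fail to agree.
    other = register_fileserver_key(TokenMasterKey(k0), client_nonce, b"\xff" * 16)
    return utility_side, vldb_side, other

if __name__ == "__main__":
    a, b, c = demo()
    print("shared key:", a.hex())
    print("both sides agree:", a == b, "| differs with other nonce:", a != c)
```

The only secret that crosses from the token to the fileserver is the derived output; K0 stays inside `TokenMasterKey`, which is the separation of concerns the message argues for keeping.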
