On Thu, 14 Feb 2013, Simon Wilkinson wrote:
> On 14 Feb 2013, at 22:15, Benjamin Kaduk wrote:
>> jhutz notes that in order to go from the nonce returned by
>> VL_RegisterAddrsAndKey to an actual key, the caller of the RPC needs to perform
>> PRF+ with the master key (K0) of the token of the connection and the two
>> nonces. The other uses of PRF+ are in key derivation for packet processing and
>> for token combination; the key itself need not be exposed to security object
>> consumers otherwise. Using a separate utility to register a new fileserver and
>> key would preserve this property, which is probably useful.
> I'm not sure how it being a separate utility, versus the fileserver,
> helps you here. Whatever happens, the rxgk library needs to provide
> either a means of getting K0 for a particular connection, or of
> performing a PRF+ operation using a particular set of inputs against
> a connection's key. Changing the caller from a bit of the fileserver to
> a standalone utility doesn't change the need to export that information.
I could imagine a utility whose source lived in src/rxgk and linked
against internal object files and not the library; the relevant symbols
need not be exported from the library in that case.
Probably not worth worrying about the details too much at this point,
though.
-Ben
_______________________________________________
AFS3-standardization mailing list
http://lists.openafs.org/mailman/listinfo/afs3-standardization
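The design choice discussed in the thread, shown as an added example that is not code from the thread or from OpenAFS: the library exports only a "PRF+ against this connection's key" operation, so the caller (fileserver or standalone utility) gets the derived registration key without ever seeing K0. The `RxgkConnection` class, the function names and the use of HMAC-SHA256 as the underlying PRF are all assumptions made for the illustration, not the real rxgk API or enctype PRF.

```python
import hmac
import hashlib


class RxgkConnection:
    """Stand-in for an rxgk connection object (hypothetical).
    K0 is held privately and never handed back to library consumers."""

    def __init__(self, k0: bytes):
        self._k0 = k0  # token master key; stays inside the security object


def prf_plus(key: bytes, x: bytes, n_bytes: int) -> bytes:
    """Counter-mode PRF+: PRF(key, 1||x) || PRF(key, 2||x) || ... truncated
    to n_bytes, with a one-octet counter. HMAC-SHA256 is assumed as the PRF
    here; the enctype-specific PRF rxgk would really use is not modelled."""
    out = b""
    counter = 1
    while len(out) < n_bytes:
        out += hmac.new(key, bytes([counter]) + x, hashlib.sha256).digest()
        counter += 1
    return out[:n_bytes]


def rxgk_derive_registration_key(conn: RxgkConnection, client_nonce: bytes,
                                 server_nonce: bytes, key_len: int = 32) -> bytes:
    """The one operation the library needs to export for VL_RegisterAddrsAndKey
    callers: PRF+ over the connection's K0 with both nonces. The caller receives
    the derived key but has no way to obtain K0 itself."""
    return prf_plus(conn._k0, client_nonce + server_nonce, key_len)


if __name__ == "__main__":
    # Constructed sample values, not real keys or nonces.
    conn = RxgkConnection(k0=b"\x11" * 32)
    key = rxgk_derive_registration_key(conn, b"client-nonce", b"server-nonce")
    print(key.hex())
```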