Derek Martin wrote:
> Do you honestly expect widespread adoption of Kerberos on W2k? I don't.
We'll see. As Paul Lussier pointed out, security has become a hot item,
so MS's timing is good. (The cynical conspiracy theorist lurking inside
me says that MS deliberately engineered the recent spate of Windoze viruses
just to make their new security emphasis look attractive...)
> I refrained from commenting when it was brought up in another thread, but
> I've heard that AFS has problems when you stress it. I think it may have
> been Ted T'so when he presented to us. I don't know that I'd trust it.
It's also not free. :-(
Coda looks interesting, but the Coda web pages at:
http://www.coda.cs.cmu.edu/index.html
make it sound pretty immature.
> I will say that while I consider SMB to be poorly designed and
> implemented, the intended security model (meaning per-user authentication
> for resource access) is better than what we have for NFS.
I didn't want to be the first person to point this out, since I'm already
being a pill. :-)
SMB *is* a bit of a hash (especially WRT "browsing"...), it really seems
more attractive than NFS in many ways. When the Samba domain server code
becomes stable, it really looks to me like a viable alternative to
NFS.
> That's not fair, and doesn't make your point. Samba was developed to
> maintain compatibility with Windows' brokenness. Because they design the
> protocol and don't release the specs, Samba can't help but be behind.
> There's no way around it.
Well, OK, you're right, that was a bit of a low blow.
> Whatever someone comes up with, it should incorporate at least these
> features:
>
> * it should actually work :)
Now *that's* a cool feature!
> * should have per-user authentication mechanisms
>
> * should have host-based authentication for non-sensitive data
>
> * should have optional, but recommended encryption capabilities
>
> * should be optimized for speed, naturally.
ACLs would be nice, too, as long as we're smokin' dope here. And some
local caching ideas from Coda.
-- Jerry Callen Mobile: 617-388-3990
Narsil FAX: 617-876-5331
63 Orchard Street email: [EMAIL PROTECTED]
Cambridge, MA 02140-1328
PGP public keys available from http://pgp.ai.mit.edu
fingerprints:
DH/DSS key ID 0x1806252C: 7669 A4CD 759A 6EB7 AF04
C10D B659 2A4B 1806 252C
RSA key ID 0x99F7AAE5: D265 DC9C 13FD 6110
30F5 1874 A206 24B1
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
