Brian W. Spolarich writes:
> I'm surprised that Sun hasn't done some similar work with NFS on top of
> their too-much-touted secure RPC code.
Actually, at the last USENIX Security conference there was I paper I wrote
with some guys from Sun describe a new security flavor for ONC RPC that uses
the GSS-API. It allows for authentication as well as integrity and encrpytion
of filesystem data. They have a prototype for NFS clients/servers already.
It was tested with the Kerberos V5 mechanism, but should also work with
other mechanisms like SPKM. An internet draft on the new flavor (RPCSEC_GSS)
just came out as well. There are also some other neat things showing
up in NFS like XFN, client-side failover, etc. Of course Sun sat on the
success of NFS for much too long and getting all the vendors to implement
the new stuff is an uphill battle...
> I really like AFS as a product, but Transarc really needs to get in
> touch with the marketplace. They're acting much too much like Big Blue in
> all of its blindness. I'd hate to see AFS and DCE go the way of "beta"
> due to lack of marketing smarts.
yup.
roland
