Franco wrote: > Dear all, as far as I remember, there are certain limits about openafs > in the current implementation, like the following: > > - data encryption is with fcrypt
this is being addressed by both rxk5 and rxgk security classes. > - max file size 2 gb (on windows) this stopped being true in 1.5.3. Note that the 1.4 series is not compatible with Windows Vista or 64-bit Windows platforms. > - max directory entries ~64K assuming that all directory entries have names of 16 bytes or less. subtract one entry for each 32 bytes in the file name after the initial 16 bytes. In practice the max number of entries ends up being ~32K. > My question is simple: are they still valid with the 1.4 release, and > what is the plan about them? For the most part 'yes'. In most of the cases, breaking the limits will result in backward incompatible changes that will either prevent older clients from being able to see all of the data; require the conversion of existing volumes to the new format; or require that all servers be upgraded at once. > I see that in Q3 of 2007 there is the plan of integrating kerberos 5 > with multiple encryption types. Will it replace completely the fcrypt() > and will it be back-compatible? On the site there is no mention about > these issues with greater detail... Both rxk5 and rxgk will provide support for non-DES based data confidentiality. See http://www.openafs.org/no-more-des.html Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature
