Before looking at solutions I think it would be a good idea to look at the requirements. Here are the ones I can think of:
1. Client must have a secure connection to the server even for what are now unathenticated connections 2. Client must be able to authenticate the server 3. It would be nice if this could be done with Kerberos rather than making afs depend on something else, like openssl and a public key infrastructure 4. No special configuration required on the client I think we agree on 1, I'm not sure about 2 but I think it's obviously a good idea, and we disagree on 3. We agree on 4 but you give it a higher priority than I do. I'd like to hear other peoples' opinions. _______________________________________________ OpenAFS-devel mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-devel
