Earl: AFS is a bit different from an IMAP service. For the IMAP service you have configured the authentication methods, mailbox info, and client principal information. There are a very small number of mailboxes that you access and therefore providing this level of information is reasonable.
When I access a file path in AFS space, how is the AFS client service
supposed to
(a) know that I need/want a token at all. Anonymous access is used for
most requests outside my home cell.
(b) know which Kerberos identity I want to use for access to a given
cell. I have multiple Kerberos principals from multiple
institutions all who have AFS cells. Do I need to use cross realm
Kerberos to obtain the token or do I need to perform a new kinit for
a principal in the realm locally associated with the cell?
(c) prompt me for new credentials when my TGT expires or when it doesn't
know which principal to use for accessing which cell?
Jeffrey Altman
begin:vcard fn:Jeffrey Altman n:Altman;Jeffrey org:Secure Endpoints Inc. adr:;;255 W 94TH ST PHB;NEW YORK;NY;10025;United States email;internet:[EMAIL PROTECTED] title:President tel;work:+1 212 769-9018 x-mozilla-html:TRUE url:http://www.secure-endpoints.com version:2.1 end:vcard
smime.p7s
Description: S/MIME Cryptographic Signature
