From: Mike Eisler (mike@eisler.com)
Date: 12/20/02-06:55:36 PM Z
Message-ID: <3E03BC08.5010308@eisler.com>
Subject: Re: crypto performance and RPCSEC_GSS
Brent Callaghan wrote:
> Mike Eisler wrote:
>
>> For the replication/migration protocol, we don't even
>> need the lightweight "name" mechanism. Since
>> we appear to have reached consensus that there will be just one session
>> per transport connection, then at session creation time we would use
>> a secure mechanism that identifies the source and target,
>> and, if the target believes the connection to be secure,
>> negotiate down to AUTH_NONE. We might as well use something
>> resembling SECINFO.
>
>
> If connection-based security is appropriate for a repl-mig
> protocol then it would be more appropriate to use a connection
Connection-based security is only appropriate if the connection
is secure. My proposal lets one use RPCSEC_GSS
to work with secure or not secure connections. Also, I'm
assuming ONC RPC framing, and since ONC RPC defines
authentication at the RPC level, RPCSEC_GSS is most
appropriate. If we aren't using ONC RPC
framing in the repl-mig protocol, then RPCSEC_GSS
is clearly inappropriate. Without ONC RPC framing, and
with IPsec connection security, I agree that SASL over GSS-API
(context setup phase only) is the way to go.
-mre
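The negotiation Mike sketches above (strong mutual authentication of source and target at session creation, after which the target alone decides whether its connection is secure enough to fall back to AUTH_NONE) as an added, runnable model. This is example code written for this archive page, not code from the thread's participants, the NFSv4 working group, or any RPCSEC_GSS implementation. The GSS-API context establishment is replaced by a pre-shared-key HMAC handshake (a stand-in, not GSS), the `connection_secure` flag is an assumption about what the target knows of its transport (for example an IPsec-protected link), and the host names, credential and MIGRATE payload are constructed sample data.

```python
"""Session-setup negotiation: authenticate both ends, then let the target
decide whether to run the session at AUTH_NONE.  Added illustration only;
the HMAC/PSK handshake stands in for GSS-API, and connection_secure is an
assumed attribute of the target's transport (e.g. IPsec)."""
import hashlib
import hmac
import os
import struct
from dataclasses import dataclass

# ONC RPC authentication flavor numbers (RFC 5531 / RFC 2203).
AUTH_NONE = 0
RPCSEC_GSS = 6


def _mac(key: bytes, *parts: bytes) -> bytes:
    h = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        h.update(struct.pack(">I", len(p)))  # length-prefix each field
        h.update(p)
    return h.digest()


@dataclass
class Peer:
    name: bytes
    psk: bytes                       # stand-in for GSS credentials (assumption)
    connection_secure: bool = False  # target's own belief about its transport
    session_key: bytes = b""
    flavor: int = RPCSEC_GSS


class AuthError(Exception):
    pass


def create_session(source: Peer, target: Peer) -> int:
    """Mutual authentication at session creation; returns the negotiated flavor."""
    # Source proves possession of the credential, binding both peer names.
    nonce_s = os.urandom(16)
    token_s = _mac(source.psk, b"init", source.name, target.name, nonce_s)
    if not hmac.compare_digest(
        token_s, _mac(target.psk, b"init", source.name, target.name, nonce_s)
    ):
        raise AuthError("source failed to authenticate")
    # Target replies with its own proof so authentication is mutual.
    nonce_t = os.urandom(16)
    token_t = _mac(target.psk, b"resp", target.name, source.name, nonce_s, nonce_t)
    if not hmac.compare_digest(
        token_t, _mac(source.psk, b"resp", target.name, source.name, nonce_s, nonce_t)
    ):
        raise AuthError("target failed to authenticate")
    source.session_key = target.session_key = _mac(source.psk, b"session", nonce_s, nonce_t)
    # Only the target's view of the connection counts: the source cannot
    # talk it into AUTH_NONE over a link the target does not trust.
    flavor = AUTH_NONE if target.connection_secure else RPCSEC_GSS
    source.flavor = target.flavor = flavor
    return flavor


def wrap(sender: Peer, seq: int, payload: bytes) -> bytes:
    """RPC-level message: header(flavor, seq) || payload [|| MIC]."""
    hdr = struct.pack(">II", sender.flavor, seq)
    if sender.flavor == AUTH_NONE:
        return hdr + payload  # nothing at the RPC layer protects the body
    return hdr + payload + _mac(sender.session_key, b"mic", hdr, payload)


def unwrap(receiver: Peer, msg: bytes, last_seq: int) -> tuple[int, bytes]:
    """Check the message against the negotiated flavor; returns (seq, payload)."""
    flavor, seq = struct.unpack(">II", msg[:8])
    if flavor != receiver.flavor:
        raise AuthError("flavor does not match the negotiated session")
    if seq <= last_seq:
        raise AuthError("replayed or reordered sequence number")
    if flavor == AUTH_NONE:
        return seq, msg[8:]  # the transport (IPsec) is trusted to protect it
    payload, mic = msg[8:-32], msg[-32:]
    if not hmac.compare_digest(mic, _mac(receiver.session_key, b"mic", msg[:8], payload)):
        raise AuthError("integrity check failed")
    return seq, payload


def demo(connection_secure: bool, tamper: bool = False) -> tuple[int, bool]:
    """One session; returns (negotiated flavor, whether tampering was caught)."""
    psk = b"shared-replication-credential"  # constructed sample credential
    src = Peer(b"nfs-src.example", psk)
    dst = Peer(b"nfs-dst.example", psk, connection_secure=connection_secure)
    flavor = create_session(src, dst)
    msg = wrap(src, 1, b"MIGRATE fsid=0x1234 -> nfs-dst.example")  # constructed
    if tamper:  # an on-path attacker rewrites the filesystem id in flight
        msg = msg[:8] + msg[8:].replace(b"0x1234", b"0x9999", 1)
    try:
        unwrap(dst, msg, 0)
        return flavor, False
    except AuthError:
        return flavor, True


def wrong_credential_rejected() -> bool:
    """A source without the shared credential never gets a session at all."""
    src = Peer(b"attacker.example", b"guess")
    dst = Peer(b"nfs-dst.example", b"real-credential", connection_secure=True)
    try:
        create_session(src, dst)
    except AuthError:
        return True
    return False
```

The `demo(True, tamper=True)` case is the caveat in Mike's first sentence: once the session has dropped to AUTH_NONE, a modified body passes unnoticed at the RPC layer, so that downgrade is only sound when the target's `connection_secure` belief is backed by a transport that really does protect integrity. Over a connection the target does not trust, the session stays at RPCSEC_GSS and the same tampering is rejected by the per-message MIC.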
This archive was generated by hypermail 2.1.2 : 03/04/05-01:50:45 AM Z CST