[nfsv4] AUTH_GSS for Callbacks

New Message Reply About this list Date view Thread view Subject view Author view Attachment view

From: rick@snowhite.cis.uoguelph.ca
Date: 10/29/03-04:16:18 PM Z 

From: rick@snowhite.cis.uoguelph.ca
Message-Id: <200310292216.RAA06688@snowhite.cis.uoguelph.ca>
Subject: [nfsv4] AUTH_GSS for Callbacks
Date: Wed, 29 Oct 2003 17:16:18 -0500 (EST)

It's me, confused again:-)

I've read Sec. 3.4 a couple of times and can't figure out quite what the
server is supposed to do w.r.t. GSS authentication for Callbacks.

The first para. seems to state that the server should use the same
principal the client used when doing the SetClientid. Later, it seems
to state that the server should use the form:

nfs@hostname (or nfs/hostname@REALM for Kerberos)

and then it seems to hint that this will be what the client would have
used for the SetClientID.

So, should the server use whatever principal the client provided
OR
nfs@client-hostname (with or without domain spec)
OR
nfs@server-hostname (with or without domain spec)?

I suppose it can just be left up to the sysadmin, since whatever is
used has to be in the server's /etc/krb5.keytab (or does it, I'm a
Kerberos midget), set in the exports file, or similar.

Anyhow, I'd be interested in hearing what others think, rick

_______________________________________________
nfsv4 mailing list
nfsv4@ietf.org
https://www1.ietf.org/mailman/listinfo/nfsv4

New Message Reply About this list Date view Thread view Subject view Author view Attachment view

This archive was generated by hypermail 2.1.2 : 03/04/05-02:12:51 AM Z CST