From: Peter Braam <Peter.Braam@Sun.COM>
To: lustre-devel@lists.lustre.org
Subject: [Lustre-devel] security: rpc message vs bulk data
Date: Fri, 08 Aug 2008 08:45:39 -0600 [thread overview]
Message-ID: <C4C1B833.5560%peter.braam@sun.com> (raw)
In-Reply-To: <1218205536.814.55.camel@JimsOSlap>
On 8/8/08 8:25 AM, "James Hughes" <James.Hughes@Sun.COM> wrote:
>
>
> On Wed, 2008-08-06 at 16:48 -0600, Peter Braam wrote:
>> Of course the CMU research about NASD concluded the same 10-15 years ago -
>> you need a different protocol here, calling it ad-hoc is not so positive,
>> calling it the NASD protocol sounds rather nice.
>
> I am not following the thread here.
>
> The existing implementation leverages off of kerberos in the client machine
> and does not leverage the NASD style ticket granting with versioning that the
> CMU papers advocated. Going to the NASD protocol is OK, but that means either
> abandoning Kerberos or adding Kerberos ticket honoring to the NASD versioned
> ticketing. This is doable, but not trivial.
>
Not true. There are capabilities generated by the MDS, with something
similar to versioning. GSS between clients and OSS nodes is merely used to
send the capabilities encrypted.
>
>
> Can you send pointers to the relevant NASD security papers so that we can have
> a firm set of terminology to discuss this with?
http://www.pdl.cmu.edu/ - click on NASD.
Peter
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lustre.org/pipermail/lustre-devel-lustre.org/attachments/20080808/1236fad9/attachment.htm>
next prev parent reply other threads:[~2008-08-08 14:45 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-08-05 18:12 [Lustre-devel] security: rpc message vs bulk data Eric Mei
2008-08-06 2:32 ` Peter Braam
2008-08-06 16:55 ` Eric Mei
2008-08-06 22:48 ` Peter Braam
2008-08-08 14:25 ` James Hughes
2008-08-08 14:45 ` Peter Braam [this message]
2008-08-08 17:03 ` [Lustre-devel] Security issues Eric Barton
2008-08-08 17:12 ` Peter Braam
2008-08-08 17:44 ` Eric Mei
2008-08-09 3:47 ` Peter Braam
2008-08-11 17:14 ` Eric Mei
2008-08-11 19:33 ` Peter Braam
2008-08-11 19:51 ` Eric Mei
2008-08-13 18:40 ` James Hughes
2008-08-13 22:26 ` Peter Braam
2008-08-11 12:56 ` Vitaly Fertman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=C4C1B833.5560%peter.braam@sun.com \
--to=peter.braam@sun.com \
--cc=lustre-devel@lists.lustre.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.