On 03/09/2012 02:49 PM, Simo Sorce wrote:
This authentication method is obsolete and it is time it dies for good.
Can i ask what it has been obsoleted by?
Neither https://tools.ietf.org/html/rfc2025 [SPKM] nor
https://tools.ietf.org/html/rfc2847 [LIPKEY] seem to suggest an
inheritor, and kerberos5 does not provide direct public-key-based
authentication (it's still reliant on an active and trusted third-party).
So it seems like SPKM and LIPKEY offer a cryptographic model that is
otherwise unavailable for authentication between NFS endpoints. What's
the urgency for removal?
--dkg
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html