On Fri, Jan 3, 2014 at 10:43 AM, lux-integ <lux-integ@xxxxxxxxxxxxx> wrote: > Greetings > > I have been scanning the Internet to find out if spkm3 has been removed from > nfs4 and whether its proported replacement pku2u is available. I get > conflicting reports as te the demise of spkm3 and most of my endeavours for > pku2u seem to suggest it is available now only as a binary release for > microsoft windows. > > > I would be grateful for some advice regarding > > --a) spkm3 status in current releases of linux kernel and nfs-utils etc. ( > i.e. is it or is it not there and working?) SPKM3 failed to make it through the IETF - the draft I was working on expired in 2005. It has therefore been removed from the upstream kernel, nfs-utils etc, although some definitions remain. > --b) wheher an 'open-source' pku2u for linux is availablea as replacement for > spkm3 and if so where to find it. AFAIK there is no open source pku2u. PKU2U is a good idea as it uses the Kerberos protocol with different payloads so kernel Kerberos implementations would not need to change. If I remember correctly the job WRT MIT Kerberos would be to refactor the KDC code into library calls so that a PKU2U server could instantiate a KDC of one entry for itself backed by an X.509 cert - but it's been a long time since I reviewed it. -->Andy > > yours soncerely > luxInteg > -- > To unsubscribe from this list: send the line "unsubscribe linux-nfs" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
