[nfsv4] more on gss authentication for callback

rick@snowhite.cis.uoguelph.ca Thu, 30 October 2003 21:57 UTC

From: rick@snowhite.cis.uoguelph.ca
Message-Id: <200310302158.QAA03320@snowhite.cis.uoguelph.ca>
To: nfsv4@ietf.org
Subject: [nfsv4] more on gss authentication for callback
Date: Thu, 30 Oct 2003 16:58:11 -0500

First, thanks a lot for the good info. I now have some idea of what to do.
One case I am curious about:
- The client authenticates to the server for SetClientID with
	target: nfs@<serverhost.domain>
	initiator: root (or root@REALM in Kerberos jargon)
then, can the server authenticate the callback with
	target: root
	initiator: nfs@<serverhost.domain>	??
Can the client do a gss_accept_sec_context() with "root@REALM" credentials
without any keytab and get the principal nfs@<serverhost.domain>?

If the above would work, that would avoid the client having to have a
keytab file.

Anyone know if this will work, or see problems with it? rick
