[AFS3-std] Thoughts on SetCallBackKey and token format

Simon Wilkinson sxw@your-file-system.com
Mon, 3 Feb 2014 22:47:24 +0000


On 3 Feb 2014, at 22:24, Benjamin Kaduk <kaduk@mit.edu> wrote:

> * In order to have secure callbacks work properly, we need to know =
which identity (if any!) from the user's token was the cache manager =
token.

You also want to be able to handle single identity tokens - such as =
those from single user machines, or from single user tools such as =
libafscp. You can do this by just using the user's identity as the cache =
manager identity in these situations. It is up to the cache manager to =
then deal with any poisoning attacks that this might open up.

Cheers,

Simon