Hi,

On Wed, 22 Nov 2000, Roland Mainz wrote:
> I suggest to simply implement all types which are supported for NFSv3 in
> Solaris 8. 
> This includes:
> - none (no authentification - like anonymous NFS access to ftp sites)
> - sys (uid+gid auth.)
I don't like trusting other computers too much...

> - dh (publickey scheme used by publickey.byname YP map (or cred.org_dir
> NIS+ table)
sounds good

> - kerberos5
is supported via fallback to kerberos4

> - GSS-API
I don't know about that.

What I meant by identification is not the identification of the user, but
rather of the server. If I have a server, which is identified by a unique 
asyncrounous key (rsa, x509, ssh-hostkey, ...?) then I can trust that
server enouth to send it my plain password. Of course, then I need a
really secure line, which is what we want blowfish for.

> Bye,
> Roland

mfG

Max Berger
e-mail: max.berger_at_xslt.de

-- 
XSLT:  http://www.xslt.de/          PGP/GnuPG ID: E81592BC
Sysop: http://www7.in.tum.de/       http://phobos.fs.tum.de/pgp/max.berger.asc
FSMPI: http://www.fs.tum.de/FSMPI/  F489F8759D4132923EC4 BC7E072AB73AE81592BC