[untrusted clients]

Indeed, and I'm not trying to solve this problem.  I keep hearing
rumors of patches to replace the xor with something real, and this
should avoid the token-revelation problem you describe :-)  Perhaps
with the new BXA rules these can get integrated into the tree.

Using krb5 to get tokens is probably in order, too; that should avoid
the users being able to guess server tokens from their own.

For me, the first goal was to be able to run coda among 20 or so
machines where I have fairly tight administrative control over all
machines and all users of those machines, and trust all users not to
be malicious.  I don't, however, trust the network not to have
sniffers (especially since it involves WaveLANs).  So while the xor
tokens are still bogus, only trusted people even see them.

  [mariner port]

Now on unix-domain socket, I believe.

  [portmapper/dynamic]

My next step is probably to modify the source to set IPSEC policy on
sockets, rather than using SPD entries that key off port numbers.
I only have one server right now, and the port numbers seem entirely
predictable.

Since I last wrote, I have got an IKE daemon (isakmpd from OpenBSD)
working with X.509 certificates, and have SAs instantitated
dynamically.

        Greg Troxel <gdt_at_ir.bbn.com>