[235] in Zephyr Mailing List
Re: Interrealm support issues
daemon@ATHENA.MIT.EDU (Derrick J Brashear)
Thu Jan 2 09:45:32 1997
Date: Thu, 2 Jan 1997 09:39:34 -0500 (EST)
From: Derrick J Brashear <shadow@DEMENTIA.ORG>
Reply-To: Derrick J Brashear <shadow@DEMENTIA.ORG>
To: zephyr@MIT.EDU
In-Reply-To: <199701011042.FAA10652@the-light-fantastic.MIT.EDU>
> * In the CMU model, servers talk to each other, which
> potentially creates a maintenance problem. If servers never
> talk to each other (as is the case in, say, AFS), it becomes
> impossible for poor administration in one realm to affect
> servers in another realm. I don't know if there are any
> real practical issues involved in the CMU implementation,
> though.
We were unable to determine a case where servers in one realm would affect the
other badly because of misconfiguration when we tested; the only bugs we had
had to do with one server requesting the wrong subscriptions for a local user
from a remote realm, but you never saw that code; it was before I started
working on it.
> * Hijacking the recipient Kerberos realm to determine the
> Zephyr realm is really pretty unclean; nobody tries to
> equate AFS realms with Kerberos realms, and doing it in
> Zephyr bothers me. If you do inter-realm on the client
> side, it's a little easier to add a "realm" field to the
> local-machine protocol because you can assume a little more
> about whether the client library and host manager are in
> sync.
I can't really argue with this.
> A few people have argued that Zephyr should support both mechanisms,
> but I think that would create too much of a mess.
Probably.
> Comments? After hashing it out, it looks like the protocol
> cleanliness issue is the biggest problem I have with the CMU approach,
> and perhaps I should just try to find a path to a cleaner protocol for
> server-side interrealm support.
Well, the only problem I really see is no way to separate Zephyr and Kerberos
realms; no changes had to be made to the protocol to support it, and it means,
for instance, that the horrible network lossage I experienced when I was at MIT
and trying to use my machine back here would not be exacerbated further if MIT
and CMU were ever to actually set things up officially. IMO the CMU approach is
worth it if only for the huge decrease in network traffic for large
installations.
I should mention that the CMU approach is not mine; I only cleaned up and
reintegrated the code.
My suggestion would be to in some way encode the "Zephyr" realm in the
recipient field along with the Kerberos realm, since I can't think how
authentication would work reasonably otherwise, but I haven't really thought
through this at all yet.
-D