[249] in Zephyr Mailing List
Re: Interrealm support issues
daemon@ATHENA.MIT.EDU (Greg Hudson)
Fri Jan 3 17:15:26 1997
To: John Gardiner Myers <jgm@CMU.EDU>
Cc: zephyr@MIT.EDU
In-Reply-To: Your message of "Fri, 03 Jan 1997 16:58:45 EST."
<cmnM4Ja00WBw1kZuQ0@andrew.cmu.edu>
Date: Fri, 03 Jan 1997 17:13:25 EST
From: Greg Hudson <ghudson@MIT.EDU>
> One could have a model in which a client could talk to a local
> zephyr server in a different realm, taking an identity *in the
> zephyr realm of the server it's talking to*.
Right now an "identity in a zephyr realm" is a Kerberos principle,
including Kerberos realm. If marc@cygnus.com wants to subscribe to
the Athena zephyr servers (assume for sake of argument that Cygnus
isn't running a Zephyr realm at all), what identity would you give
him? Note that in AFS, a pts identity does include a Kerberos realm
(which defaults to the Kerberos realm of the AFS cell, so you don't
see it very often).
I've decided that the name "zephyr realm" is confusing people. There
is a certain value in calling an AFS cell a "cell" and not a "realm,"
in that nobody confuses AFS cells with Kerberos realms. Perhaps we
need to come up with a new term. (People should refrain from
suggesting names to the list, though; that would definitely be noise,
not signal.)
