I co-authored RFC3530, the NFSv4.0 specification, and RFC5661, the NFSv4.1 specification. I work for NetApp on NFS and things related to NFS. I was the primary author for RFC2203, which adds real security to NFS, and led the SEAM project at Sun that produced the first NFS implementation that used Kerberos V5 authentication.
2 Comments:
One thing that is very hard to track through the RFCs and other documents. Does NFSv4 encrypt just the authentication interactions or can it encrypt all of the server to server interactions?
Art,
NFSv4 is a client to server protocol. Cryptographic technology (via RPCSEC_GSS) can be used to authenticate users on clients to servers, as well as provide secure integrity checksums to prevent an attacker from tampering with the NFS requests or responses. Via RPCSEC_GSS one can also encrypt all requests and responses.
NFSv4 has no server-to-server interactions.
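As an added example (not part of the original comments or of any NFS implementation), the sketch below audits an exports file for entries that accept less than the encryption level described in the reply above. It assumes the Linux `/etc/exports` syntax and the Linux flavor names `sys`, `krb5`, `krb5i` and `krb5p`, none of which appear in the thread; the sample file and the function names are constructed for illustration.

```python
import re

# RPCSEC_GSS service levels (RFC 2203) behind the assumed Linux flavor names.
PROTECTION = {
    "sys":   "none",            # AUTH_SYS: client-asserted uid/gid, no crypto
    "krb5":  "authentication",  # rpc_gss_svc_none
    "krb5i": "integrity",       # rpc_gss_svc_integrity
    "krb5p": "privacy",         # rpc_gss_svc_privacy: requests/responses encrypted
}
RANK = ["none", "authentication", "integrity", "privacy"]

SAMPLE = """\
# constructed sample, not from the original page
/srv/home    *.example.com(rw,sec=krb5p)
/srv/build   10.0.0.0/24(rw,sec=krb5:krb5i:krb5p)
/srv/scratch 10.0.0.5(rw,sync)
/srv/proj    -sec=krb5i client1.example.com(rw) client2.example.com(rw,sec=krb5p)
"""

def flavors(opts):
    """All flavors named by sec= options (colon-separated, possibly repeated)."""
    groups = re.findall(r"(?:^|,)sec=([^,]+)", opts)
    return [f for g in groups for f in g.split(":")]

def audit_exports(text, required="privacy"):
    """Return (path, client, flavor, protection) for each accepted flavor
    that is weaker than `required`. Unknown flavors count as 'none'."""
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        path, *entries = line.split()
        defaults = ""
        for entry in entries:
            if entry.startswith("-"):        # per-line default options
                defaults = entry[1:]
                continue
            m = re.fullmatch(r"([^()]*)\((.*)\)", entry)
            client, opts = (m.group(1) or "*", m.group(2)) if m else (entry, "")
            # With no sec= anywhere, the export falls back to sys.
            for f in flavors(opts) or flavors(defaults) or ["sys"]:
                level = PROTECTION.get(f, "none")
                if RANK.index(level) < RANK.index(required):
                    findings.append((path, client, f, level))
    return findings

if __name__ == "__main__":
    for finding in audit_exports(SAMPLE):
        print("%s %s accepts sec=%s (%s only)" % finding)
```

An export that lists several flavors lets the client pick the weakest one, so every listed flavor is reported, not just the first.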