6/9/[email protected] ibm transarc openafs openafs board kickoff meeting end of october members
TRANSCRIPT
6/9/2000 [email protected] 2
IBM Transarc OpenAFS
http://www.transarc.com/News/press/opensource.html
OpenAFS Board Kickoff meeting end of October Members still being settled
Laura Stentz IBM-Transarc Craig Everhart IBM-Transarc Peter Honeyman Umich Ted McCabe MIT Derrick Brashear CMU Commercial customer nominations under consideration
6/9/2000 [email protected] 3
6/9/2000 [email protected] 4
Drop In connections
Authorized Access to the NetUser interface issues Which authn to present? Pre-authz access (to get authn)?
6/9/2000 [email protected] 5
Wireless Access Control
Layer 1 - Network name or WEP keys Scale a secret to 10,000 people?
Layer 2 - MAC-based filtering Policy applied by AP Manage the list – where? MAC address is spoof-able
6/9/2000 [email protected] 6
Ethernet Access Control
PPPOE (EAPOE) Tunneling over bridged Ethernet Dialup client interface RFC2516 - http://www.ietf.org/rfc/rfc2516.txt
802.1x (EAPOL) Port-based (association-based) access control Requires system and device support Dynamic session key management EAP (RFC2284 - www.ietf.org/rfc/rfc2284.txt) Some connectivity before authentication http://grouper.ieee.org/groups/802/1
6/9/2000 [email protected] 7
IP Access Control
DHCP based on MAC registration IP addresses can be stolen, MAC is
spoof-able
Authenticated DHCPwww.ietf.org/internet-drafts/draft-ietf-dhc-authentication-12.txt
Gating function VPN technology (one-hop) ‘Firewall’ for external access