[Lustre-devel] security: rpc message vs bulk data
Eric Mei
Eric.Mei at Sun.COM
Tue Aug 5 11:12:49 PDT 2008
Hi,
Currently we use different security transformation: on RPC message we
use gssapi/kerberos; on bulk data we use separate hash + cipher
mechanism. And to some extend the 2 parts can be configured
independently. For example, you can use "krb5p" on RPC message while use
some light-weight hash/cipher on bulk data for performance or whatever
reasons.
Now we're thinking about using gssapi for both RPC and bulk data. But
this way we won't be able to configure them separately. What we're not
sure is: is it necessary to be able to set different security level for
RPC message and bulk data?
Thanks!
--
Eric
More information about the lustre-devel
mailing list