Pierangelo Masarati masarati@aero.polimi.it wrote:
> - wait for replication to complete
> before authentication can continue.
One problem:
If we do that, authentication cannot take place if the master or a replica is down. That defeats the purpose of setting up replicas to prevent failures.
IMO there is a trade-off between reliability and security here. We can either (1) redirect the client to the master (lower availability, better security since no replay can happen at any time), or (2) accept the authentication locally and send the update to the master afterwards (more reliable, less secure).