[plug] Distributed files systems (AFS)
Craig Ringer
craig at postnewspapers.com.au
Thu Sep 8 13:14:16 WST 2005
On Thu, Sep 08, 2005 at 09:38:23AM +0800, Rennie wrote:
> The way I see it the options so far are:
6) WebDAV. As others have suggested.
Note that you can use WebDAV over SSL, and tell Apache not to even talk
to the user unless they present a client certificate signed by your CA.
The same certificate can be used for IMAP+TLS / IMAPs, POP3+TLS / POP3s,
SMTP+TLS / SMTPs, and for access to the intranet web pages over HTTPs.
I'm still investigating good WebDAV clients for the win32 users (like so
many other SSL clients, some of them don't seem to understand client
certs - grr) so I can't recommend anything quite yet. I can say that
I've found client-certficate protected remote access to network services
to be an ideal way to do things - once set up, it's essentially
transparent to users, and it's not hard to provide them with a quick
HOWTO on (eg) installing a client cert into firefox and thunderbird.
There are some pretty computer illiterate users at my work and they've
managed fine when I provide a CD with the softeware required and a PDF
HOWTO with lots of screenshots.
I'm very interested in any recommendations of good WebDAV clients for
win32 that correctly handle client certs. Ideally the client wouldn't
present a drive letter (so malicious apps can't so easily poke around
in the WebDAV exports), but might have a windows explorer like drag &
drop interface.
--
Craig Ringer
More information about the plug
mailing list