Next: The TCFS Architecture
Up: Related Work
Previous: CryptFS
Self-certifying File System
The Self-certifying File System (SFS)[8]
addresses the issue of key management in cryptographic filesystems and
proposes separating key management from file system security.
Servers have a public key and clients use the
server public key to authenticate the server and establish a
secure communication channel.
To allow clients to authenticate servers on the spot, without even
having heard of them before, SFS introduces the concept
of a "self-certifying pathname."
A self-certifying pathname contains the hash of the server's public key,
so that the client can verify that it is
actually talking to the legitimate server.
Once the client has verified the server, a secure channel is established
and the actual file access takes place.
Remote SFS file systems are accessed through the
/sfs mount point.
An SFS pathname obeys the following syntax:
/sfs/location:hostid/real/pathname, where "location"
is the name (IP address or DNS name) of the server exporting the
file system and "hostid" is the hash of a string containing
the server's public key and some other information.
SFS does not care how the pathname has been obtained by the user;
a user may, for instance, obtain hostids using an existing PKI
(Public Key Infrastructure).
On the other hand,
once a self-certifying pathname for the files they are interested in
has been obtained, users do not need to remember any key.
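
The client-side check described above, as an added example that is not SFS code: it parses a /sfs/location:hostid/real/pathname string and accepts a server only if the key it presents hashes to the hostid in the path. The hash input layout (length-prefixed location and key), SHA-256, the base32 encoding, the function names and the sample keys are assumptions made for illustration; the page only says that hostid is the hash of a string containing the public key and some other information.

```python
import base64
import hashlib
import hmac

SFS_ROOT = "/sfs/"

def compute_hostid(location: str, public_key: bytes) -> str:
    # Assumed construction, not SFS's real encoding: SHA-256 over the
    # length-prefixed location and public key, as lowercase base32.
    h = hashlib.sha256()
    for field in (location.encode(), public_key):
        h.update(len(field).to_bytes(4, "big") + field)
    return base64.b32encode(h.digest()).decode().rstrip("=").lower()

def parse_sfs_path(path: str):
    # Split /sfs/location:hostid/real/pathname into its three parts.
    if not path.startswith(SFS_ROOT):
        raise ValueError("not under the /sfs mount point")
    first, _, rest = path[len(SFS_ROOT):].partition("/")
    # rpartition keeps colons inside the location (e.g. IPv6 literals).
    location, sep, hostid = first.rpartition(":")
    if not sep or not location or not hostid:
        raise ValueError("expected location:hostid")
    return location, hostid, "/" + rest

def server_matches_path(path: str, presented_key: bytes) -> bool:
    # True only if the key the server presents hashes to the hostid
    # embedded in the pathname the user supplied.
    location, hostid, _ = parse_sfs_path(path)
    expected = compute_hostid(location, presented_key)
    return hmac.compare_digest(expected.encode(), hostid.lower().encode())

# Constructed sample data: stand-in byte strings, not real public keys.
LEGIT_KEY = b"constructed-legitimate-server-public-key"
OTHER_KEY = b"constructed-impostor-public-key"
SAMPLE_PATH = "/sfs/files.example.org:%s/home/alice/notes.txt" % (
    compute_hostid("files.example.org", LEGIT_KEY))

if __name__ == "__main__":
    print(parse_sfs_path(SAMPLE_PATH))
    print("legitimate key accepted:", server_matches_path(SAMPLE_PATH, LEGIT_KEY))
    print("other key accepted:", server_matches_path(SAMPLE_PATH, OTHER_KEY))
```

Because the location is part of the hashed string in this sketch, reusing the same hostid under a different location also fails the check.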
The TCFS Team
2001-04-27