The ultimate in NFS conferences, Connectathon is now in its final days for 05.

check out the talks:
http://www.connectathon.org/talks05/index.html

The last one had a interesting security note:
pNFS Update and Security Discussion - Brent Welch, Panasas

In reference to pNFS (later blog), the block solution for "security" from the client to the data servers is authenticated via a "capability". The only problem being that this completely susceptible to snoop/man in the middle attacks. So we really relying on physical access to the network.

And i believe i was just complaining to fellow group memebers last week how silly it was that we still support DH - oh well.

man i hate blocks.

Note: Brent is a super sharp guy and didn't come up with the security solution, he was just explaining it.
Note2: Brent mentioned you could use IPsec to protect the "capability", but why not just use a files solution and krb5?