Hm, in my naivety I did not account for Venus being bypassed.
  Or do I misunderstand?
  Is it really possible to open a file without consulting with Venus?

I was a bit off here, but there seem to be issues.  See NetBSD's
src/sys/coda/coda_vnops, and look at coda_open - this always calls
venus_open.  But then look at coda_access, which has an implicit
assumption that there is only one user.  The namecache may have
similar issues where one could traverse a directory tree, although
perhaps not open a file.

  There is the opposite issue as well, I want to be able to
  use Coda realms which do not employ IPsec.
  I think I can trust some of them :)
  though definitely not the network in between...

As long as we're clear that rpc2 cryptography needs to be fixed before
you can have confidence in the system, I'm in agreement.