[abfab] draft-adamson-nfsv4-multi-domain-access - which IETF working group?

"William A. (Andy) Adamson" <androsadamson@gmail.com> Fri, 29 October 2010 19:18 UTC

From: "William A. (Andy) Adamson" <androsadamson@gmail.com>
To: Spencer Shepler <sshepler@microsoft.com>
Cc: ietf-krb-wg@lists.anl.gov, abfab@ietf.org, Jeffrey Hutzelman <jhutz@cmu.edu>, NFSv4 <nfsv4@ietf.org>

The initial focus of draft-adamson-nfsv4-multi-domain-access was to
address the name resolution issues presented by a multi domain NFSv4
file name space; describing methods by which NFSv4 clients and servers
can handle principals, users, groups from multiple administrative
domains.  This work is driven by the federated file system drafts
coming to completion in the NFSv4 WG and a desire for a way forward
for multi domain federated name spaces.

As the work progressed, it has become clear that this work applies to
a broader set of protocols - SMB and WebFS to name a few.  It might also
apply to the federations and use cases that ABFAB WG services, and
has some significant cross over with the general PAC work from
Simo Sorce, draft-sorce-krbwg-general-pac.00.txt.
At the end of the day, we want to ensure that this draft not only is
not in conflict with any ABFAB or other drafts, but that the drafts
are usable together even if each piece can also be used independently
of the other.

The question is: which working group is best to move this draft
forward, and how do we ensure (no matter which working group takes on
the task) that all the work each WG does complements each other.

I note that the federated file system drafts that the NFSv4 working
group has successfully moved to completion have a similar issue in
that the technology also applies to non-NFS protocols.

If the NFSv4 working group is willing, I vote for
draft-adamson-nfsv4-multi-domain-access to be an NFSv4 WG item.

draft-sorce-krbwg-general-pac-00.txt describes a general PAC for
Kerberos which includes global identities applicable to cross-realm.
There have been discussions on the krb-wg list concerning the two
drafts.

draft-adamson-nfsv4-multi-domain-access-03.txt talks about PACs but
does not specify one, and is independent of the authorization mechanisms.
Our draft describes name and authorization context resolution in a federated
environment.

The ABFAB charter's initial focus is on describing a federated identity
(GSS-API) mechanism that will include resolution of federated
attributes, but (correct me if I'm wrong) no name resolution.

I am giving a very high-level 10min talk on
draft-adamson-nfsv4-multi-domain-access-03.txt in Beijing at the
NFSv4 WG morning session Tuesday November 9th, and I invite your participation.
Unfortunately KITTEN meets at the same time as NFSv4.  Perhaps we could
schedule a few minutes at either ABFAB or KRB-WG? Or find another time to talk?

-->Andy