[nfsv4] Stephen Farrell's No Objection on draft-ietf-nfsv4-lfs-registry-04: (with COMMENT)

"Stephen Farrell" <stephen.farrell@cs.tcd.ie> Wed, 08 April 2015 13:04 UTC

Stephen Farrell has entered the following ballot position for
draft-ietf-nfsv4-lfs-registry-04: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to http://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
http://datatracker.ietf.org/doc/draft-ietf-nfsv4-lfs-registry/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------


I think there is a possibly missing security consideration in
section 4 - if two label formats "overlap" so that a value for
one could represent a (different) value for the other and if
the label format specifier is not somehow bound to the
packet/object, then some confusion attacks may be possible.
The mitigation I think is to either (maybe implicitly) bind
the format specifier into the object/label or to ensure that
label values cannot be valid for other label format
specifiers. (Note that attacks here are probably only
interesting in highly specific cases, so it's not a huge deal,
but maybe worth a mention.)
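
The overlap and the first mitigation described in the comment above, as an added example that is not part of Stephen Farrell's message or of the draft. The two label formats, their LFS numbers, the key and the sample label are constructed, and using an HMAC over the specifier plus the label bytes is an assumed way of doing the binding.

```python
import hashlib
import hmac
import struct

# Hypothetical label formats: LFS numbers and layouts are constructed for illustration.
LFS_LEVELS = 1001  # byte 0: sensitivity level 0-3, bytes 1-2: compartment bitmap
LFS_ROLES = 1002   # byte 0: role id 0-15,          bytes 1-2: expiry in days

def parse_levels(data):
    if len(data) != 3 or data[0] > 3:
        raise ValueError("not a valid levels label")
    return {"level": data[0], "compartments": int.from_bytes(data[1:], "big")}

def parse_roles(data):
    if len(data) != 3 or data[0] > 15:
        raise ValueError("not a valid roles label")
    return {"role": data[0], "expiry_days": int.from_bytes(data[1:], "big")}

PARSERS = {LFS_LEVELS: parse_levels, LFS_ROLES: parse_roles}

def valid_under(data):
    """Return every LFS whose parser accepts these bytes; more than one means overlap."""
    accepted = []
    for lfs, parser in PARSERS.items():
        try:
            parser(data)
            accepted.append(lfs)
        except ValueError:
            pass
    return accepted

def seal(key, lfs, data):
    """Bind the specifier to the label: MAC over fixed-width lfs || label bytes."""
    return hmac.new(key, struct.pack(">I", lfs) + data, hashlib.sha256).digest()

def open_label(key, lfs, data, tag):
    """Parse only if the claimed specifier is the one the label was sealed with."""
    if not hmac.compare_digest(seal(key, lfs, data), tag):
        raise ValueError("specifier/label binding check failed")
    return PARSERS[lfs](data)

KEY = b"constructed-demo-key"    # constructed; a real key comes from key management
LABEL = bytes([3, 0, 1])         # constructed sample value, valid in both formats
TAG = seal(KEY, LFS_LEVELS, LABEL)
```

Without the tag, the same three bytes are accepted as either format depending only on which specifier the receiver is told; with it, presenting the label under the other specifier is rejected before parsing.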