IETF Logo Mail Archive

Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrity-measurement-01.txt

Bruce Fields <bfields@fieldses.org> Thu, 27 September 2018 15:55 UTC

Return-Path: <bfields@fieldses.org>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0CA52130E86 for <nfsv4@ietfa.amsl.com>; Thu, 27 Sep 2018 08:55:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n-sL83XqweBm for <nfsv4@ietfa.amsl.com>; Thu, 27 Sep 2018 08:55:47 -0700 (PDT)
Received: from fieldses.org (fieldses.org [173.255.197.46]) by ietfa.amsl.com (Postfix) with ESMTP id 79C4A130DCB for <nfsv4@ietf.org>; Thu, 27 Sep 2018 08:55:47 -0700 (PDT)
Received: by fieldses.org (Postfix, from userid 2815) id 593881E67; Thu, 27 Sep 2018 11:55:46 -0400 (EDT)
Date: Thu, 27 Sep 2018 11:55:46 -0400
From: Bruce Fields <bfields@fieldses.org>
To: Chuck Lever <chuck.lever@oracle.com>
Cc: Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>, NFSv4 <nfsv4@ietf.org>
Message-ID: <20180927155546.GH9559@fieldses.org>
References: <153780090601.28221.16958675117475194416@ietfa.amsl.com> <CADE569F-8584-42CF-A297-E60956D368A2@oracle.com> <CAKKJt-fmB5psmtbm9PJTnhkZkZLCBnCVZnr3fMsf++exN5XObQ@mail.gmail.com> <20180926202157.GA826@fieldses.org> <1F2E60B5-E09F-4B33-8301-99C5E5A0F310@oracle.com> <20180927011257.GC2715@fieldses.org> <8461C2B0-41B3-4983-86F3-78DC4B36D077@oracle.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <8461C2B0-41B3-4983-86F3-78DC4B36D077@oracle.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/Eac4SvsnWAQcENsS4lSwzGx1mcU>
Subject: Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrity-measurement-01.txt
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Sep 2018 15:55:49 -0000

Just to be clear, I don't claim to know what's best, I'm just want to
make sure I understand the decisions here:

On Thu, Sep 27, 2018 at 08:31:58AM -0700, Chuck Lever wrote:
> On Sep 26, 2018, at 6:12 PM, Bruce Fields <bfields@fieldses.org> wrote:
> > OK, but you do have to know how all the other clients are formatting the
> > information.  I don't quite understand what's meant by ensuring
> > interoperability, then.
> > 
> > I guess I expected to see something like say a 32-bit "type" field with
> > implementations able to register different "type" values so you could at
> > least tell whether it should bother trying to parse a given file
> > provenance field.
> 
> I don't think it's helpful to insert the WG and IANA in the
> process of deciding the type of information in the FPI payload,
> especially when the structure of that payload is out of the WG's
> hands.

What would be the problem with, for example, documenting what IMA
currently does?

> Either the clients look at a 32-bit enum value, or they look at
> the payload and figure out what it is. I can't see how it makes
> any operational difference.

If the client tries to parse it without knowing which implementation
created it, and it turns out it was created by someone else, I guess the
verification will normally fail and maybe that's what you want.

It's not impossible that it could get misparse it and succeed, though.
Maybe there's no realistic situation where that has practical
consequences, I don't know.

> > Maybe it's not necessary.  I wonder what would would happen in practice.
> > I geuss if people deployed two different clients that both claimed
> > support for file provenance, they might be surprised when they started
> > randomly throwing errors when one client tries to read files written by
> > another.
> 
> Typically, an NFS server serves a fleet of clients that have a
> common administrator who provisions and configures these clients
> to recognize the same FPI payload.
> 
> The consequences of not recognizing the file provenance information
> are not dire. In those cases, clients simply don't allow access to
> the file's content, and the implementations are free to report to
> the administrator that the FPI format is not recognized.
> 
> Would it help to state that in the draft?

Maybe so.

--b.

v2.23.0 | Report a Bug | By Email