Re: [nfsv4] WG adoption of draft-dnoveck-nfsv4-security
Brian Pawlowski <beepee@gmail.com> Tue, 27 February 2024 14:57 UTC
Return-Path: <beepee@gmail.com>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 714AEC151535; Tue, 27 Feb 2024 06:57:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.215
X-Spam-Level:
X-Spam-Status: No, score=-1.215 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MIME_HTML_ONLY=0.1, MIME_HTML_ONLY_MULTI=0.001, MIME_QP_LONG_LINE=0.001, MPART_ALT_DIFF=0.79, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2dsXdIo3l3nT; Tue, 27 Feb 2024 06:57:53 -0800 (PST)
Received: from mail-lf1-x12d.google.com (mail-lf1-x12d.google.com [IPv6:2a00:1450:4864:20::12d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 44D36C151532; Tue, 27 Feb 2024 06:57:48 -0800 (PST)
Received: by mail-lf1-x12d.google.com with SMTP id 2adb3069b0e04-5101cd91017so6420922e87.2; Tue, 27 Feb 2024 06:57:48 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1709045866; x=1709650666; darn=ietf.org; h=to:references:message-id:cc:date:in-reply-to:from:subject :mime-version:content-transfer-encoding:from:to:cc:subject:date :message-id:reply-to; bh=8WAAg+O1brdEuISVV7BOgRYDtvevNxP4/D3DHea8gO0=; b=Y8pS3n72VgT1GET7/Zq7EB70M600tCrFa2/7QGX6XSa8lrBvvXziX2QBiSbdoPJ8RW /VvJUwkumVCcieORXquNoSo8J+NuAcDBWaIeK7eQuRi3RnYYUIeBMrL8LHioanfPSHZ0 nJn2cO5nreI6Rb0B+2Ma9hvBiBI101dCtJQ+OPHPkPbBMsTVd9So7ARBAWGDc4h/Qvon DicDXFhCZQdL+y6E+6+E5rCW+S6k0fx8JgepD4fC+JpXJlibyPHF3zsAWnzWMkF7dwQV 2a6qSntWgVKux/vviVWCEdMpp33OP90SiNUVUe7hhnY/DuoL61HN7bM7e9Swn+kHbuxS 3Gyg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709045866; x=1709650666; h=to:references:message-id:cc:date:in-reply-to:from:subject :mime-version:content-transfer-encoding:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=8WAAg+O1brdEuISVV7BOgRYDtvevNxP4/D3DHea8gO0=; b=Giiy81RgcV2bzNaP0XzMOV4b88AoxPEeBcIO+WqPYWBdabLAkSdV83UHcVercpuXWU SYjUyOnekNaUMD7rPfU1QiMRVLUK4pflm+rJfq1P4qEr8YQglqZQus47TJtvd+ufqYaJ CStDG7Qb4lBspVTb/ZE/+Z653OgHcGxXGpYtk7MCUrwMsWGcvDWXAxwuXUXMxpep/gkH mf9vRLCqu+eXvrapJYpSHXISgpiwi5YQtGMz7EAiXcYZITR3O1r+VAxkyQZOmdrv8GyC M1LPZ5l/sOk0lnC6ChMvdbeXY5Ul51v+hDd1rMKpB4d/E6aEMoj0iEZuxnt3A+KUe1AA Rpng==
X-Forwarded-Encrypted: i=1; AJvYcCWTBrAqlGa14dRSvU6CIcq32/4anBZ3lka2MPXlX/iNPcuXptGwaY7zUXXXIQkYo0khlcliL77cAC6REiJGFvmiGtdSsKdxHtUO9Za+y/W98Og20EQi
X-Gm-Message-State: AOJu0YxoB4WdtjRgFcOWI9likfFLjFlOs1G9lCA6VOZqqaV/2E+NMaXe 5Dx6WwRninSH9iALNGh9kndj/C7a1wHCif+jF66M/jsNJsi66N97kY2KEoPL
X-Google-Smtp-Source: AGHT+IGdXyVhLlpl6E5gAt7xklc3Eq53r/DTDI2YYoyo3lVRAEAnvDT+HoNTQGJQR9yiAGkU010TAg==
X-Received: by 2002:a19:c218:0:b0:513:e21:2a64 with SMTP id l24-20020a19c218000000b005130e212a64mr1109410lfc.31.1709045865586; Tue, 27 Feb 2024 06:57:45 -0800 (PST)
Received: from smtpclient.apple (c-67-188-177-222.hsd1.ca.comcast.net. [67.188.177.222]) by smtp.gmail.com with ESMTPSA id c5-20020a056402100500b005656816d622sm832560edu.11.2024.02.27.06.57.44 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 27 Feb 2024 06:57:45 -0800 (PST)
Content-Type: multipart/alternative; boundary="Apple-Mail-D23AEEE1-2CFF-46CA-BAD8-0833763FC241"
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (1.0)
From: Brian Pawlowski <beepee@gmail.com>
In-Reply-To: <CADaq8jcXR2-xZQ_uHPLBBa+4Q6RfvkfATzqbAzgwH1Kq1ZQZoA@mail.gmail.com>
Date: Tue, 27 Feb 2024 06:57:32 -0800
Cc: Zaheduzzaman Sarker <zahed.sarker.ietf@gmail.com>, nfsv4-chairs <nfsv4-chairs@ietf.org>, NFSv4 <nfsv4@ietf.org>
Message-Id: <75393B52-D216-40DD-983B-9F7C9456C777@gmail.com>
References: <CADaq8jcXR2-xZQ_uHPLBBa+4Q6RfvkfATzqbAzgwH1Kq1ZQZoA@mail.gmail.com>
To: David Noveck <davenoveck@gmail.com>
X-Mailer: iPhone Mail (21D61)
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/MrqWRE_NZBrvLhFDPbKXYynSs1w>
Subject: Re: [nfsv4] WG adoption of draft-dnoveck-nfsv4-security
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Feb 2024 14:57:55 -0000
- Brian told me matters had been delayed by his illness (covid-19).
- We discussed the pending documents and agreed to have a more detailed discussion later.
- I reiterated the original request for an adoption call (originally made 12/20/2023) and Brian agreed to follow up.
- We clarified the need for Bran to send the WG a proposed list of consensus items, taken from Appendix B of draft-dnoveck-nfsv4-security-07. There had previously been confusion about this with Brian looking at Appendix C of draft-ietf-nfsv4-rvc5661bis and not finding those item. I referred him to the correct appndix and stressed that the current focus needed to be on the security document, given that the original request for an adoptional call, made in 2022 jad been lost track of.
Chairs, please response to David's request and share your views.//ZahedAlthough Gmail thinks that this a reply, it is actually a follow-up for my request sent on 12/20/2023. So there is no issue of me replying to myself and no issue of multiple personality syndrome to worry about :-)I had originally hoped that the three weeks to the next wg interim meeting would give us time to complete a two-week comment period and allow us to resolve this long-deferred matter at the 1/16 interim meeting. Given the time that has already elapsed, that no longer seems possible. Sigh!I have received no updates regarding this request. If there are impediments that would delay prompt work on this request, I need whoever is dealing with this request to let me know about the issue so that it can get addressed.If that is not possible, we will have to address the matter at the 1/16 interim meeting. Given what happened with the original request to adopt -06, I don't think that we can again simply wait passively and hope that one of the chairs is taking care of this matter. It makes more sense for me and whichever chair takes responsibility for this to discuss the next steps at this and subsequent interim meetings, allowing us to make sure we have process that leads to a prompt resolution of this matter.I would like to formally request that the working group adopt this document, currently at its -07 draft, as a working group document.I suggest that the working group be asked for its comments as soon as possible. Given that the next interim meeting is scheduled for 1/16, this should allow a two-week period for comments plus time to summarise the results and present a decision at the interim meeting. This will give us an opportunity to formulate a plan of action, whatever the decision is. I don't think we can afford a repeat of the situation with the previous adoption call in which there was uncertainty about the precise contours of the working group's response and a consequent delay as the draft whose adoption was request ceased to be relevant.One important point regarding the adoption call is that we need to clearly distinguish issues with the precise contents of the draft, which could be addressed after adoption from feelings, if they exist,, that the current draft is not a suitable vehicle in its current form , for the working group to address NFSv4 security issues. If the latter, we need to understand what changes might be required, so those changes cab made, allowing the working group to continue to make progress.
- Re: [nfsv4] WG adoption of draft-dnoveck-nfsv4-se… David Noveck
- Re: [nfsv4] WG adoption of draft-dnoveck-nfsv4-se… Zaheduzzaman Sarker
- Re: [nfsv4] WG adoption of draft-dnoveck-nfsv4-se… David Noveck
- Re: [nfsv4] WG adoption of draft-dnoveck-nfsv4-se… Zaheduzzaman Sarker
- Re: [nfsv4] WG adoption of draft-dnoveck-nfsv4-se… Brian Pawlowski