IETF Logo Mail Archive

[nfsv4] RFC: How to handle (N)VERIFY for Posix draft ACL attributes

Rick Macklem <rick.macklem@gmail.com> Thu, 06 March 2025 23:23 UTC

Return-Path: <rick.macklem@gmail.com>
X-Original-To: nfsv4@mail2.ietf.org
Delivered-To: nfsv4@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 73373891DAD for <nfsv4@mail2.ietf.org>; Thu, 6 Mar 2025 15:23:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -0.2
X-Spam-Level:
X-Spam-Status: No, score=-0.2 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aOo5IcbncLAX for <nfsv4@mail2.ietf.org>; Thu, 6 Mar 2025 15:23:45 -0800 (PST)
Received: from mail-ed1-x52b.google.com (mail-ed1-x52b.google.com [IPv6:2a00:1450:4864:20::52b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id ECDFC891DA8 for <nfsv4@ietf.org>; Thu, 6 Mar 2025 15:23:45 -0800 (PST)
Received: by mail-ed1-x52b.google.com with SMTP id 4fb4d7f45d1cf-5e5e0caa151so734695a12.0 for <nfsv4@ietf.org>; Thu, 06 Mar 2025 15:23:45 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1741303425; x=1741908225; darn=ietf.org; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=kHa6sbISjlpWxFqIT9rVSOA0Scmy60PLSbEYQFe9ArU=; b=dGfNSk8R+N85OmNcb4WkJu168zjReVJw41no0I3IKkaQmdx3nj/xDW/1LmxMrnU8Mj jlULO3snWqRhCO5Rd+l63XigggE2b3insAzo2SqkiSTWlYI2KoHKoIqmKlUuEpC7vHB9 EO53wWeW71AB4FAfILbFA4cNkFX84WdLF8lu/uvUwfgAwbNA1zArh5pB6t/i7E/Yo9ST 6thwv6uqXANtcaZG+AHErwzVMKITQW+BOIPaZgsswoZsupftcOXK77zKpL1/wxmuigbR Cv0zopTd9mmvdMHEVYxDIZnMb/W37U/FUWTrkTltior1SzcWKbsC4yINAt1KmMYZom9f blmw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1741303425; x=1741908225; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=kHa6sbISjlpWxFqIT9rVSOA0Scmy60PLSbEYQFe9ArU=; b=Sjs1f7nffwZjv9cguq1mCylTDuwDXqW+zmDihLGxi3bor5lfulMXWtbGcJbNl0TTO7 D/fHDJo9AQB6hC0tz90w7fGhfSPBwxYo/q4wPw9QvX3KDDKns6VVjuuoLJOPcM2RvATi qWLAo6goaobsqgOchk2NVbp6yxjY4uvSnVRLu8E/sIL3NPrf1ZTxUjcjg1k+F99gFLgG 2yAyrFnEfR1ktJqgEFs6uqovORFP0SvNsj++PLUfd6k+7ZerumhO/MeafrUjZXLsAUGP IdzyyfRUmTa3IwV7E6+hSuelhAkVcXHDx72Rbn7vtAC6WNQAvBv64we6K65LtUNgKy11 Iefw==
X-Gm-Message-State: AOJu0Yz17ahM/O/3N3dwVGNJFNO2piTxFtfjljA4mQt73cCAZErE3uV7 ln1pqpW31RuAaSakiGiKX9qoMNVGRFjJDEa2f62zPKoU9ezj0HVmtQ+94H20Fti80iFZQekxru0 gT86Z8zleLUOdGx1Vvdlh5lKtWzDaHvk=
X-Gm-Gg: ASbGnctPthLSPxIh6AxLMeCgN0nihi1JHq4A5SClwRu0fpyNBrfnnPiVN34IVQiDM+b DYNgN8oeWgVpg9B14gXOHlrfKvwGjKW1hkbStuAIwDhyMPmOZpv0dQiWS5KuSNIxkJYa+i5sEjP HyXFUNCnv4kaWuiqkjH0BxWB3UoTqe2oFDbFCFI09G2miLdosGwMuMM3El
X-Google-Smtp-Source: AGHT+IElxVwBYxJ/3da4QzqkEaRfC4tOwZJJ0Qkqy7q8HoPv+wTPXlAHIhwosw/pWjjNHHYTmwotU+8JneV1yCfeuP4=
X-Received: by 2002:a05:6402:518a:b0:5e5:ca1b:c425 with SMTP id 4fb4d7f45d1cf-5e5e24153e1mr1337627a12.17.1741303424652; Thu, 06 Mar 2025 15:23:44 -0800 (PST)
MIME-Version: 1.0
From: Rick Macklem <rick.macklem@gmail.com>
Date: Thu, 06 Mar 2025 15:23:28 -0800
X-Gm-Features: AQ5f1JonoUoA21eA1gWrKxa5tVZf-o-k3d1XMRnqC57PcZ4DAR0BPhjLfAa1k5o
Message-ID: <CAM5tNy6MiNKgU0Qmh2giUaT1DGRX4cX2A1Uh9NYH6dB+NSA76g@mail.gmail.com>
To: NFSv4 <nfsv4@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Message-ID-Hash: RXQQ7E3PEPHTLCH5EYOVUFAWXFBJVWUK
X-Message-ID-Hash: RXQQ7E3PEPHTLCH5EYOVUFAWXFBJVWUK
X-MailFrom: rick.macklem@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-nfsv4.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [nfsv4] RFC: How to handle (N)VERIFY for Posix draft ACL attributes
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/NqZTqKXEtq7oJUiKGCmnNcr5ERg>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Owner: <mailto:nfsv4-owner@ietf.org>
List-Post: <mailto:nfsv4@ietf.org>
List-Subscribe: <mailto:nfsv4-join@ietf.org>
List-Unsubscribe: <mailto:nfsv4-leave@ietf.org>

Hi,

If I understood the previous discussion of this (I might not have), the
POSIX draft ACL draft needs one of the following:

1 - A statement that (N)VERIFY operations are not supported for the
  attributes.
or
2 - A description of how the POSIX draft ACL attributes are compared.
  (If this alternative is preferred, my initial attempt would be to state
   that ACLs with the same set of ACEs but in a different ordering would
   be considered "same" for (N)VERIFY.)

I, personally, prefer #1 since I do not think that applying (N)VERIFY to
the POSIX draft ACL attributes is useful, but I need feedback from others
so that I can complete the draft.

Thanks in advance for any comments, rick

v2.29.0 | Report a Bug | By Email | System Status