Re: [nfsv4] Stephen Farrell's No Objection on draft-ietf-nfsv4-multi-domain-fs-reqs-10: (with COMMENT)
Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 31 August 2016 12:30 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 07FA212DB47; Wed, 31 Aug 2016 05:30:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.849
X-Spam-Level:
X-Spam-Status: No, score=-4.849 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.548, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fNQ-6bG6Yb0d; Wed, 31 Aug 2016 05:30:24 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5842B12DB3E; Wed, 31 Aug 2016 05:30:24 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 1BE04BE64; Wed, 31 Aug 2016 13:30:23 +0100 (IST)
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id njr-XLXK7acR; Wed, 31 Aug 2016 13:30:22 +0100 (IST)
Received: from [134.226.36.93] (bilbo.dsg.cs.tcd.ie [134.226.36.93]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 84F3DBE58; Wed, 31 Aug 2016 13:30:22 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1472646622; bh=rW8Ncxk7OLmJBivJ7qXqYlRZ4MsJNM4axQzTIMTE5C8=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From; b=M4rOJryS1k9vK7FA01USWkYf44m4gbp95m04ZwkybyOnazgt0tgW8Bjk4JiSn8lai JQc7SVawY5xnnPM9aulOTtQATfsVvXmTjgPnKH+mhIQZ2xrfiRWHwYtlalLODrfDT0 R5FcrHW89upYTjpHgav72avFYXHP4TnKYeGiH5tU=
To: "Adamson, Andy" <William.Adamson@netapp.com>
References: <147259004562.23685.4230186211321856907.idtracker@ietfa.amsl.com> <68A386D4-98A5-4A20-966A-FF1CBD0D32E9@netapp.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <4260a86c-7560-794d-169f-5a723b80f087@cs.tcd.ie>
Date: Wed, 31 Aug 2016 13:30:21 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0
MIME-Version: 1.0
In-Reply-To: <68A386D4-98A5-4A20-966A-FF1CBD0D32E9@netapp.com>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="------------ms070502080908090408030309"
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/RFwqi0Up7ofM1GAb5AQ1LfiyDb8>
Cc: "nfsv4-chairs@ietf.org" <nfsv4-chairs@ietf.org>, The IESG <iesg@ietf.org>, "nfsv4@ietf.org" <nfsv4@ietf.org>, "draft-ietf-nfsv4-multi-domain-fs-reqs@ietf.org" <draft-ietf-nfsv4-multi-domain-fs-reqs@ietf.org>
Subject: Re: [nfsv4] Stephen Farrell's No Objection on draft-ietf-nfsv4-multi-domain-fs-reqs-10: (with COMMENT)
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Aug 2016 12:30:28 -0000
Hiya, On 31/08/16 13:12, Adamson, Andy wrote: > >> On Aug 30, 2016, at 4:47 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote: >> >> Stephen Farrell has entered the following ballot position for >> draft-ietf-nfsv4-multi-domain-fs-reqs-10: No Objection >> >> When responding, please keep the subject line intact and reply to all >> email addresses included in the To and CC lines. (Feel free to cut this >> introductory paragraph, however.) >> >> >> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html >> for more information about IESG DISCUSS and COMMENT positions. >> >> >> The document, along with other ballot positions, can be found here: >> https://datatracker.ietf.org/doc/draft-ietf-nfsv4-multi-domain-fs-reqs/ >> >> >> >> ---------------------------------------------------------------------- >> COMMENT: >> ---------------------------------------------------------------------- >> >> >> - general: I agree with Kathleen who agrees with Russ' >> secdir review. [1] > > Hello Stephen > > The referenced review [1] was for draft-08. Did you review draft-08 or draft-10? I reviewed draft-10. > if this is a review of draft-10 why bring up a review of draft-08? Because, as I said, I think this draft is still overall not very clear to me. (But not to the point where it needs to be held up.) I know from my own writing that it's quite easy to consider text that one has looked at a lot to be very clear, when other readers don't find the text clear. I suspect that may be the case here. > > I responded to review [1] in draft-09 and tweeked it again in draft-10. > > Here is Russ’ secdir reveiw of draft-09 where AFAICS he feels the issues in [1] (draft-08) were addressed. > > https://www.ietf.org/mail-archive/web/secdir/current/msg06746.html Fair enough. But see above. > > >> I was left puzzled as to how this >> would be useful to readers. But I've no objection if >> that's felt to be the case. However, I'd really >> encourage the editors/WG/AD to consider that a >> number of folks (who are familiar with GSS etc.) have >> found this draft pretty unclear. >> >> [1] >> https://www.ietf.org/mail-archive/web/secdir/current/msg06642.html >> >> - abstract: 1st sentence seems unwieldy - it puzzled me >> anyway;-) > > Here it is: > > This document presents requirements on the deployment of the NFSv4 > protocols for the construction of an NFSv4 file name space in > environments with multiple NFSv4 Domains. > > I don’t get what is puzzling about it. "...requirements on the deployment ... for the construction of... in environments with... " is too many clauses for clarity IMO. Short sentences are cheap:-) And valuable in abstracts. > >> >> - (various places): Would "identifier syntax" not be >> better than "identity syntax"? There's no need to >> bikeshed on it, but I do prefer the latter a good bit in >> case that helps:-) > > I don’t see an improvement in identity syntax / identifier syntax. I can see dropping ‘identity’ > > name@domain identity syntax / name@domain syntax That's better yes. The term "identity" often brings confusion as it can imply much more than an identifier. > >> >> - 5.3: Would that "must never" in the 2nd last para be >> clearer as an RFC2119 "MUST NOT"? (Just checking.) > > It’s actually ‘must not blindly’. The original intent of that paragraph was to point out that many stand-alone NFSv4 deployments make the NFSv4 domain name the to_lower(REALM) name, insist that the POSIX user name matches the Kerberos principal name, and then map principal@REALM to a POSIX uid by dropping the @REALM and presenting the principal to the ns_switch mapper. > > This practice will not work in an NFSv4 multi-domain environment, and should not be encouraged. > > The paragraph has morphed into a form that is of no use. I’ll remove it. > >> >> - 6.1: Are there any cases of domain names that allow >> for escaping or have other syntatic features that >> involve more than just octet string comparisons to check >> domain name equality? I don't think there are, so just >> checking. If there were, then you might need to say >> something about that somewhere. > > name@domain parsing issues are dealt with in RFC7530 and RFC5661, and are not unique to an NFSv4 multi-domain deployment. > If there're pointers to those, then that's fine. (I didn't re-check if there are.) S. > —>Andy > >> >> >
- [nfsv4] Stephen Farrell's No Objection on draft-i… Stephen Farrell
- Re: [nfsv4] Stephen Farrell's No Objection on dra… Adamson, Andy
- Re: [nfsv4] Stephen Farrell's No Objection on dra… Stephen Farrell