Re: [nfsv4] [secdir] SECDIR Review of draft-ietf-nfsv4-umask-03
Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com> Wed, 14 June 2017 17:40 UTC
Return-Path: <spencerdawkins.ietf@gmail.com>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8B99B1200FC; Wed, 14 Jun 2017 10:40:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p_9oxJ-pNC3M; Wed, 14 Jun 2017 10:40:03 -0700 (PDT)
Received: from mail-yw0-x231.google.com (mail-yw0-x231.google.com [IPv6:2607:f8b0:4002:c05::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 35BEF1201F2; Wed, 14 Jun 2017 10:40:03 -0700 (PDT)
Received: by mail-yw0-x231.google.com with SMTP id l75so4712182ywc.3; Wed, 14 Jun 2017 10:40:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=b1j10UnxpiFrDeKYCHAlI+kB5GsygW3Vj+Y6sNFXnNw=; b=qqVllfhXUvXfCSt8A0ql5YMqT9UXlLk1mvMe3GwqU/ltv1QpOdwmxqCWvzSgWuq2oA sHy/vYyj/lTB22ov2PQ+feRHYIbY306KOYKtWtOFa3Zb34KQEIx15kvwzsu78SpCghSf bnFiNU74miy6HRu2hRSnSK+CGHF1Fek+K7cCajLh2CfzvjRdw2+sHHXpkkV6Gd2d0KSt ot+OVim4xk0bOMearVVItXz2hmPcFjjNxVhq3sYmtKWfWC/mUhkzFyr4qCGH4TutVOxQ qGEc3T7EUcqpM3ZqDJLkdG5YhNGSknnNFalbpA/IeeZBVMCeBP+gDe7SggsvfwBq5zQu 48wA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=b1j10UnxpiFrDeKYCHAlI+kB5GsygW3Vj+Y6sNFXnNw=; b=KPxv9Yx8gZNsdq9yHsXmvAUYuN1xE8OXpl4WEX4RAepmeTmK1df//v4hnA8NJwtte8 8RTUuQS0GWHMgEnlIJY9lbYc+VXX7OEbPrHKHgiQSI8Xg8xKprnmG3cS4NgB31gof3ZY 0cN85feVK+WGZsBC6CnkCqjYQCVRkcLpe/QxCD0UsoCSOZYw5g8U1ThmU4sPDQSF4JcR FDjLky0CvcVzt/EWNLG8tAZX4No7WOtjUbnIFvIHEf+hE+Qs7bFahNQzjd1ZUTZLbOMD zqOGdalHP0jp5tIugpireGjRAMvHHjufQEXvGjl3Gs++x3YOXg0aZLZQNCQh9ashR6D5 vtng==
X-Gm-Message-State: AKS2vOwgeWMrX4IDl0q3IL1yxzo2qIK8iTDxmyeO7XzNea6iWzAJ8EL+ dN7WB5pOVAixu1M23hedf6Tr3qUbXg==
X-Received: by 10.13.228.69 with SMTP id n66mr1020937ywe.275.1497462002224; Wed, 14 Jun 2017 10:40:02 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.37.216.85 with HTTP; Wed, 14 Jun 2017 10:40:01 -0700 (PDT)
In-Reply-To: <CAMm+LwiFruUXbnUnLexuJUnD_psYt1D_FGg9_zHJOzSB3CK0jA@mail.gmail.com>
References: <CAMm+Lwh+E+BsATQmmX6ccJou-sz1XNtFHxQZikohYCeT0qkfdQ@mail.gmail.com> <CAKKJt-fsJ1UinNiW2LitxVQT4M1YqnFF+1cygU132=bQNgiUnA@mail.gmail.com> <CADaq8jd+6gN2H0QWC+dM-e3pb1gUJKLE7=8PPpprGGKBQZhueg@mail.gmail.com> <CACsn0cnd0L2o2Db6OA1Uvp-C+geA+Ju-7E8Yo=OKS1V3P4G8sA@mail.gmail.com> <20170605165254.GE2903@localhost> <CADaq8jcOD8eodG6-jguvy3xytMkAwBhmWUTxF-eXhjxZGymXGA@mail.gmail.com> <20170606160032.GC3432@localhost> <CAKKJt-f4-+VzZD++bKS1-+ZyWzByuTE9tjncwnV_2Mhj4JucoA@mail.gmail.com> <CAMm+LwiFruUXbnUnLexuJUnD_psYt1D_FGg9_zHJOzSB3CK0jA@mail.gmail.com>
From: Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>
Date: Wed, 14 Jun 2017 12:40:01 -0500
Message-ID: <CAKKJt-cesF1du74JnarGDhdih3BBp1bAjascYnwA9D3M-JJJ3Q@mail.gmail.com>
To: Phillip Hallam-Baker <phill@hallambaker.com>
Cc: Nico Williams <nico@cryptonector.com>, David Noveck <davenoveck@gmail.com>, Watson Ladd <watsonbladd@gmail.com>, "secdir@ietf.org" <secdir@ietf.org>, NFSv4 <nfsv4@ietf.org>
Content-Type: multipart/alternative; boundary="94eb2c034ce4b51c160551ef0acc"
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/UT_kE5N2rdM9gtPIMLWWFTtsAR4>
Subject: Re: [nfsv4] [secdir] SECDIR Review of draft-ietf-nfsv4-umask-03
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Jun 2017 17:40:11 -0000
Hi, Phillip, On Tue, Jun 13, 2017 at 9:57 PM, Phillip Hallam-Baker <phill@hallambaker.com > wrote: > On Wed, Jun 7, 2017 at 3:08 AM, Spencer Dawkins at IETF > <spencerdawkins.ietf@gmail.com> wrote: > > > The document is approved. We now approve documents with no Discuss > ballot > > positions, but can still make changes to resolve comments that arise > during > > IESG Evaluation, if that's appropriate. > > > > I read Phillip's SECDIR review with interest. It does not seem to apply > to > > this draft, any more than to the rest of NFSv4, so I wouldn't hold up > this > > draft to pursue the issues Phillip raised. > > > > Those issues do seem to be a useful input to NFSv4, as the working group > > considers a charter update (after finishing quite a lot of work, and > thanks > > to you all for that). > > That was the sense in which it was written. Its like when you take the > car in to get the tires changed and they mention it has no brakes. > For your amusement, I was trying to install Lubuntu on an older desktop system, and fell down the hall of mirrors of - "oh, it's too old to boot from USB", - "oh, the current 'CD images' won't fit on a 700-MB CD so you need to find an older release", - "oh, it can't create a bootable CD because XP Home didn't support that", - "oh, it has disk errors when installing from CD" ... and in the middle of all that, Mozilla popped up and said "your Mozilla release is no longer supported on your operating system, and the oldest release that would run on your operating system isn't supported either, so you should upgrade your operating system". So, I can relate to your analogy better today than I would have a week ago. > Different things, yes. But something I am going to point out. > And thank you for that. The NFSv4 working group has a recharter discussion on their agenda for Prague, so your timing is perfect for them to consider their security situation. Spencer
- Re: [nfsv4] SECDIR Review of draft-ietf-nfsv4-uma… Spencer Dawkins at IETF
- Re: [nfsv4] SECDIR Review of draft-ietf-nfsv4-uma… David Noveck
- Re: [nfsv4] [secdir] SECDIR Review of draft-ietf-… Watson Ladd
- Re: [nfsv4] SECDIR Review of draft-ietf-nfsv4-uma… Phillip Hallam-Baker
- Re: [nfsv4] SECDIR Review of draft-ietf-nfsv4-uma… Nico Williams
- Re: [nfsv4] [secdir] SECDIR Review of draft-ietf-… Nico Williams
- [nfsv4] RPCSEC_GSS analysis (was Re: [secdir] SEC… Nico Williams
- Re: [nfsv4] RPCSEC_GSS analysis (was Re: [secdir]… Nico Williams
- Re: [nfsv4] [secdir] SECDIR Review of draft-ietf-… David Noveck
- Re: [nfsv4] [secdir] SECDIR Review of draft-ietf-… David Noveck
- Re: [nfsv4] [secdir] SECDIR Review of draft-ietf-… Nico Williams
- Re: [nfsv4] [secdir] SECDIR Review of draft-ietf-… Spencer Dawkins at IETF
- Re: [nfsv4] [secdir] SECDIR Review of draft-ietf-… David Noveck
- Re: [nfsv4] [secdir] SECDIR Review of draft-ietf-… Phillip Hallam-Baker
- Re: [nfsv4] [secdir] SECDIR Review of draft-ietf-… Spencer Dawkins at IETF