[nfsv4] AUTH_GSS for Callbacks

rick@snowhite.cis.uoguelph.ca Wed, 29 October 2003 22:15 UTC

Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA10378 for <nfsv4-archive@odin.ietf.org>; Wed, 29 Oct 2003 17:15:27 -0500 (EST)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AEyaq-0002bn-Uy for nfsv4-archive@odin.ietf.org; Wed, 29 Oct 2003 17:15:09 -0500
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id h9TMF8hP010021 for nfsv4-archive@odin.ietf.org; Wed, 29 Oct 2003 17:15:08 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AEyaq-0002bY-Po for nfsv4-web-archive@optimus.ietf.org; Wed, 29 Oct 2003 17:15:08 -0500
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA10329 for <nfsv4-web-archive@ietf.org>; Wed, 29 Oct 2003 17:14:57 -0500 (EST)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 1AEyao-00051w-00 for nfsv4-web-archive@ietf.org; Wed, 29 Oct 2003 17:15:06 -0500
Received: from ietf.org ([132.151.1.19] helo=optimus.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 1AEyao-00051r-00 for nfsv4-web-archive@ietf.org; Wed, 29 Oct 2003 17:15:06 -0500
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AEyak-0002aP-43; Wed, 29 Oct 2003 17:15:02 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AEya8-0002Yk-Hz for nfsv4@optimus.ietf.org; Wed, 29 Oct 2003 17:14:24 -0500
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA10319 for <nfsv4@ietf.org>; Wed, 29 Oct 2003 17:14:12 -0500 (EST)
From: rick@snowhite.cis.uoguelph.ca
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 1AEya6-00050J-00 for nfsv4@ietf.org; Wed, 29 Oct 2003 17:14:22 -0500
Received: from snowhite.cis.uoguelph.ca ([131.104.48.1]) by ietf-mx with esmtp (Exim 4.12) id 1AEya5-00050F-00 for nfsv4@ietf.org; Wed, 29 Oct 2003 17:14:21 -0500
Received: (from rick@localhost) by snowhite.cis.uoguelph.ca (8.9.3/8.9.3) id RAA06688 for nfsv4@ietf.org; Wed, 29 Oct 2003 17:16:18 -0500 (EST)
Message-Id: <200310292216.RAA06688@snowhite.cis.uoguelph.ca>
To: nfsv4@ietf.org
Subject: [nfsv4] AUTH_GSS for Callbacks
Sender: nfsv4-admin@ietf.org
Errors-To: nfsv4-admin@ietf.org
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/mail-archive/working-groups/nfsv4/>
X-Original-Date: Wed, 29 Oct 2003 17:16:18 -0500 (EST)
Date: Wed, 29 Oct 2003 17:16:18 -0500 (EST)

It's me, confused again:-)

I've read Sec. 3.4 a couple of times and can't figure out quite what the
server is supposed to do w.r.t. GSS authentication for Callbacks.

The first para. seems to state that the server should use the same
principal the client used when doing the SetClientid. Later, it seems
to state that the server should use the form:

nfs@hostname (or nfs/hostname@REALM for Kerberos)

and then it seems to hint that this will be what the client would have
used for the SetClientID.

So, should the server use whatever principal the client provided
OR
nfs@client-hostname (with or without domain spec)
OR
nfs@server-hostname (with or without domain spec)?

I suppose it can just be left up to the sysadmin, since whatever is
used has to be in the server's /etc/krb5.keytab (or does it, I'm a
Kerberos midget), set in the exports file, or similar.

Anyhow, I'd be interested in hearing what others think, rick

_______________________________________________
nfsv4 mailing list
nfsv4@ietf.org
https://www1.ietf.org/mailman/listinfo/nfsv4