[nfsv4] Kathleen Moriarty's No Objection on draft-ietf-nfsv4-xattrs-05: (with COMMENT)
Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com> Thu, 25 May 2017 02:40 UTC
Return-Path: <Kathleen.Moriarty.ietf@gmail.com>
X-Original-To: nfsv4@ietf.org
Delivered-To: nfsv4@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id A15C71293DB; Wed, 24 May 2017 19:40:36 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-nfsv4-xattrs@ietf.org, Spencer Shepler <spencer.shepler@gmail.com>, nfsv4-chairs@ietf.org, spencer.shepler@gmail.com, nfsv4@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.51.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <149568003661.8705.7204609864321779500.idtracker@ietfa.amsl.com>
Date: Wed, 24 May 2017 19:40:36 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/baW3vyrh5ZTru4SYXKeLOL9xbLY>
Subject: [nfsv4] Kathleen Moriarty's No Objection on draft-ietf-nfsv4-xattrs-05: (with COMMENT)
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.22
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 May 2017 02:40:36 -0000
Kathleen Moriarty has entered the following ballot position for draft-ietf-nfsv4-xattrs-05: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-nfsv4-xattrs/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- I agree with the SecDir review about removing the nested references in the security considerations section. https://www.ietf.org/mail-archive/web/secdir/current/msg07386.html The security considerations section does exist and states that file attribute extensions adds no new concerns than that of file data and named attributes. It defers to the security considerations of application data in NFSv4.2 (RFC 7862), which refers to NFSv4.1 (RFC 5661). 5661 discusses possible MITM and down-grade attacks and how to mitigate them with RPCSEC_GSS (integrity or privacy services). I agree with this assertion, though I'd rather have the draft reference 5661 directly or RFC 7530. And support EKR's discuss.
- [nfsv4] Kathleen Moriarty's No Objection on draft… Kathleen Moriarty