Re: [nfsv4] Stephen Farrell's No Objection on draft-ietf-nfsv4-minorversion2-40: (with COMMENT)
Tom Haynes <thomas.haynes@primarydata.com> Sat, 23 January 2016 00:13 UTC
Return-Path: <thomas.haynes@primarydata.com>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B5B041B2D77 for <nfsv4@ietfa.amsl.com>; Fri, 22 Jan 2016 16:13:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LF1WDWsyV245 for <nfsv4@ietfa.amsl.com>; Fri, 22 Jan 2016 16:13:20 -0800 (PST)
Received: from mail-pa0-x231.google.com (mail-pa0-x231.google.com [IPv6:2607:f8b0:400e:c03::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 54D761B2D78 for <nfsv4@ietf.org>; Fri, 22 Jan 2016 16:13:20 -0800 (PST)
Received: by mail-pa0-x231.google.com with SMTP id cy9so49293666pac.0 for <nfsv4@ietf.org>; Fri, 22 Jan 2016 16:13:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=primarydata-com.20150623.gappssmtp.com; s=20150623; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=vN1hXCGMPapDE4o/azkg40ST6YPSjjHLifM8j95BHBM=; b=FadjGaaRgiwTnTOtDa8UpR0vFgcnDUvWRNBcmnQW9QV4fPA6Vpf4575a8ZJaWKbQ9g dWWAtF5xzFLh+th5zQjLdvSRkJTgxEbSM/1j35kXguNsCYLTnQpu++Prf0/3VWrsXNHy 4gZQVvFixqOH5a7XFhiTQqIwfyHOfoI5XvDs40MGOKizX7A8FCFUyPpSPO/koj0etSM8 4lLS6Huz7Sr+T3xdTtpgsmY0VxRr0KDMWRwcconYx+t1MVWFexBtS1kIMpK8/PIhke1X trcEpwiQIpHdSp8DOWR32+kovn5zfQoltlWT/xjKyFF5HghxYG8g/Dy3muYi5kGOEWxE ReXw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:content-type:mime-version:subject:from :in-reply-to:date:cc:content-transfer-encoding:message-id:references :to; bh=vN1hXCGMPapDE4o/azkg40ST6YPSjjHLifM8j95BHBM=; b=hOmJ9/zJmoEtR/qKgqVnetR2qWFFq++q/a8P7xo0DBowhfR1lsyFyR014bzVUlP6/2 u4fbXghSBRge+knEGPqnsYi2ogry/IZ8TFMTP+MsZ0YM5AxSteMaIr1wAYedzOp9l3rC 8wFRVVA5RZ2eqEIuQotAHwwAtjKQz6W3XcUUgUa6DMN0ikiwR825dCpHOftIUAF4V9c5 G0ISVDvLlbGixKUl5U9JqM2G58zc7xcD4MqYF5+tG1Qux5Iy6OsdCoqueW+s55kwbT57 YzF0AABBmR2nbdzxrKBGBr71I4CXA9Mb7biKOGG0o3xH62aKCQkcXfgIwp8WoI7rzwaz /tJg==
X-Gm-Message-State: AG10YOQVr01okDDYKUgBLMR3Zilr9M8udGXLDbNY3XhXKAuUsIOCH9WrD+LNmy/ajFkZcP8a
X-Received: by 10.66.121.194 with SMTP id lm2mr8465402pab.27.1453508000006; Fri, 22 Jan 2016 16:13:20 -0800 (PST)
Received: from kinslayer.corp.primarydata.com (63-157-6-18.dia.static.qwest.net. [63.157.6.18]) by smtp.gmail.com with ESMTPSA id o67sm12147140pfa.58.2016.01.22.16.13.19 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 22 Jan 2016 16:13:19 -0800 (PST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 9.2 \(3112\))
From: Tom Haynes <thomas.haynes@primarydata.com>
In-Reply-To: <20160121141530.8170.25186.idtracker@ietfa.amsl.com>
Date: Fri, 22 Jan 2016 16:13:18 -0800
Content-Transfer-Encoding: quoted-printable
Message-Id: <166532A7-FDCC-4021-8314-8CCD2DB36703@primarydata.com>
References: <20160121141530.8170.25186.idtracker@ietfa.amsl.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
X-Mailer: Apple Mail (2.3112)
Archived-At: <http://mailarchive.ietf.org/arch/msg/nfsv4/bdKsl7c1l06vs0H62FWduxcvEUQ>
Cc: nfsv4-chairs@ietf.org, The IESG <iesg@ietf.org>, nfsv4@ietf.org, draft-ietf-nfsv4-minorversion2@ietf.org
Subject: Re: [nfsv4] Stephen Farrell's No Objection on draft-ietf-nfsv4-minorversion2-40: (with COMMENT)
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 23 Jan 2016 00:13:22 -0000
Hi Stephen, Thanks for the comment, responses inline > On Jan 21, 2016, at 6:15 AM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote: > > Stephen Farrell has entered the following ballot position for > draft-ietf-nfsv4-minorversion2-40: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-nfsv4-minorversion2/ > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > > > - 1.3.2: I'm just curious, feel free to ignore. Does anyone > maintain those posix specs these days? (e.g. > [posix_fadvise]). No clue :-) > > - 1.4: "a new arm" isn't clear to this reader, maybe > consider re-phrasing if this isn't a common NFS term (if it > is, that's fine) > No, not a NFS term. How about this: NFSv4.2, it is possible to add a new arm (i.e., a new entry in the union and a corresponding new field in the structure) in a subsequent minor version. And it is also possible to move such an operation > - 4.10: thanks for providing all that! > > - 4.10: possibly dumb question: does this (or NFSv4) support > what a user would perceive as an encrypting file system > where the keys are held-by/derived from something on the > user's machine? If so, and if the two servers involved use > keys known at the user's machine and not by the NFS > infrastructure then I'm not sure how this can work. IOW, if > there's a decryption and then a re-encryption required in a > server-server copy and if that needs any keying material > from the client then could that ever work? Note that I'm not > talking about securing the file during the server-server > copy but de-crypting before sending and then re-encrypting > before storing. Petty sure that Kerberos provides for this. > > - 9.6: Is it considered a requirement that e.g. a user > cleared to secret cannot tell if there is anything stored > that is of higher classification? In Section 9.2, it states: o MUST NOT expose an object to either the client or server name space before its security information has been bound to it. And the definition of “bound” belongs to the security implementation being defined. I.e., I mean seLinux, Trusted Solaris, etc. > If so, did anyone go > through all NFS interfaces to check if e.g. disk or > directory usage information could give away the fact that > there is stuff stored that's not visible to this user? In a Limited Server, this is clearly not met. In a Full Mode implementation, a policy might exist that allowed the server to let the client make such decisions. > I'm > not arguing that this definitely needs to be done > exhaustively, but maybe consider adding a caveat emptor > sentence somewhere saying that even with MAC, it could be > that NFS allows for some minor meta-data leakage such as the > above. > >
- [nfsv4] Stephen Farrell's No Objection on draft-i… Stephen Farrell
- Re: [nfsv4] Stephen Farrell's No Objection on dra… Tom Haynes
- Re: [nfsv4] Stephen Farrell's No Objection on dra… Chuck Lever
- Re: [nfsv4] Stephen Farrell's No Objection on dra… Stephen Farrell
- Re: [nfsv4] Stephen Farrell's No Objection on dra… Benjamin Kaduk
- Re: [nfsv4] Stephen Farrell's No Objection on dra… Stephen Farrell
- Re: [nfsv4] Stephen Farrell's No Objection on dra… Tom Haynes