[nfsv4] Draft Minutes from San Francisco IETF March 18 meeting
Brian Pawlowski <beepy@netapp.com> Fri, 11 April 2003 20:01 UTC
Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA27934 for <nfsv4-archive@odin.ietf.org>; Fri, 11 Apr 2003 16:01:57 -0400 (EDT)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id h3BK8Ht25507 for nfsv4-archive@odin.ietf.org; Fri, 11 Apr 2003 16:08:17 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h3BK8H825504 for <nfsv4-web-archive@optimus.ietf.org>; Fri, 11 Apr 2003 16:08:17 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA27917 for <nfsv4-web-archive@ietf.org>; Fri, 11 Apr 2003 16:01:26 -0400 (EDT)
Received: from localhost ([127.0.0.1] helo=ietf-mx) by ietf-mx with esmtp (Exim 4.12) id 1944kl-0005Kl-00 for nfsv4-web-archive@ietf.org; Fri, 11 Apr 2003 16:04:03 -0400
Received: from ietf.org ([132.151.1.19] helo=www1.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 1944kl-0005Kh-00 for nfsv4-web-archive@ietf.org; Fri, 11 Apr 2003 16:04:03 -0400
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h3BK86825454; Fri, 11 Apr 2003 16:08:06 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h3BG3c804975 for <nfsv4@optimus.ietf.org>; Fri, 11 Apr 2003 12:03:38 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA18212 for <nfsv4@ietf.org>; Fri, 11 Apr 2003 11:56:54 -0400 (EDT)
Received: from localhost ([127.0.0.1] helo=ietf-mx) by ietf-mx with esmtp (Exim 4.12) id 1940w5-0003OL-00 for nfsv4@ietf.org; Fri, 11 Apr 2003 11:59:29 -0400
Received: from mx01.netapp.com ([198.95.226.53]) by ietf-mx with esmtp (Exim 4.12) id 1940w5-0003Ny-00 for nfsv4@ietf.org; Fri, 11 Apr 2003 11:59:29 -0400
Received: from frejya.corp.netapp.com (frejya [10.10.20.91]) by mx01.netapp.com (8.12.9/8.12.9/NTAP-1.4) with ESMTP id h3BFwvFB012629 for <nfsv4@ietf.org>; Fri, 11 Apr 2003 08:58:57 -0700 (PDT)
Received: from tooting-fe.eng (tooting-fe.eng.netapp.com [10.56.10.118]) by frejya.corp.netapp.com (8.12.9/8.12.9/NTAP-1.4) with ESMTP id h3BFwuAb013194 for <nfsv4@ietf.org>; Fri, 11 Apr 2003 08:58:56 -0700 (PDT)
Received: (from beepy@localhost) by tooting-fe.eng (8.11.6+Sun/8.11.6) id h3BFwtw28786 for nfsv4@ietf.org; Fri, 11 Apr 2003 08:58:55 -0700 (PDT)
From: Brian Pawlowski <beepy@netapp.com>
Message-Id: <200304111558.h3BFwtw28786@tooting-fe.eng>
To: nfsv4@ietf.org
X-Mailer: ELM [version 2.4ME++ PL40 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Content-Transfer-Encoding: 7bit
Subject: [nfsv4] Draft Minutes from San Francisco IETF March 18 meeting
Sender: nfsv4-admin@ietf.org
Errors-To: nfsv4-admin@ietf.org
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/nfsv4/>
X-Original-Date: Fri, 11 Apr 2003 08:58:55 -0700 (PDT)
Date: Fri, 11 Apr 2003 08:58:55 -0700
Content-Transfer-Encoding: 7bit
Content-Transfer-Encoding: 7bit
NFS Version 4 Working Group IETF 56 San Francisco minutes Network File System Version 4 (nfsv4) ------------------------------------- Chair(s): Robert Thurlow <Robert.Thurlow@eng.sun.com> Brian Pawlowski <beepy@netapp.com> Document Editor: Spencer Shepler <shepler@eng.sun.com> AGENDA: Tuesday March 18 0900-1130 (2.5 hours) Welcome and Introduction (Pawlowski) 5 min Agenda bash etc. - BLUE SHEETS - NOTE WELL - Status of drafts Connectathon results and issues (Shepler) 10 min Where's RFC3010bis? (Shepler) 5 min Minor revisions to NFSv4 (Thurlow) 20 min Recent drafts (Eisler) 40 min - XDR update: draft-ietf-nfsv4-rfc1832bis-00.txt - SECINFO changes: draft-eisler-nfsv4-secinfo-00.txt - Credential Cache GSS Mech: draft-eisler-nfsv4-ccm-00.txt Migration/replication status (Thurlow) 10 min From Repl/Mig to a global namespace (Thurlow) 20 min NFS and RDMA/RDDP work (Pawlowski) 10 min Review of work items (Shepler/Pawlowski) 15 min - API GSSAPI advancement - MIB draft resurrection - RPC/XDR/RPCSEC_GSS RFC plans Open discussion (Pawlowski) 10 m Wrapup (Pawlowski) 5 m MINUTES beepy welcomed, blue sheets and noted well. Agenda bashed mercilessly. Spencer Shepler reported on RFC 3010 revision. Waiting for 48 hour author review - RFC3010bis - in RFC editor's queue. Connectathon 2003 - good results, had 5 implementations there, did some recovery testingand Kerberos testting/GSSAPI. We've hit stride with twice a year off cycle testing, June and October, for implementations.. Next testing is first week of June in Ann Arbor, MI; another bake-a-thon event October in Austin. Rob Thurlow reported on minor revisioning. Minor version is defined by the base specification. What remains is policy for management of minor revisions from a working group perspective. Rob defined minor revisions bounding (new minor version does not eliminate previous version support, client server will negotiate down version). Can add new ops within COMPOUND, add mode bits, attributes. But our policy in when to spin and why a new revision. Rob discussed asynchronous feature driven minor versioning sort of vs. a train model. People are tending towards the "train model". Rob slides mention all this. This discussion will be pursued on the WG alias. Train model procedure to be defined and vetted within context of IETF. sob entered with IETF feedback and move to reduce number of working groups in transport area. NFS V4 has options on how to handle minor versions. Brent Callaghan questioned a 1 year train model with length of IETF process - sob suggested the IETF process is fast enough for a well working working group. Mike Eislers's drafts: XDR - want to raise it to full standard, needed some work to come into line with current RFCs, mainly ISOC copyright and IANA considerations, trademark updates, etc. Can find change bars on Mike's URL. Comment from Scott - will we require some level of review before things get revised? Mike will add text. SECINFO changes - issues from alias. 1) Needs args analogous to LOOKUP, but can't access a parent directory like LOOKUPP - this will be SECINFO_NO_NAME, subargs "current" and "parent". Need to provide a way to do this. 2) Need to be able to cross a boundary between security domains 3) Need to permit SECINFO to encode more flavors than a few explicitly listed. Question: do we want a style more analogous to LOOKUP/LOOKUPP and use SECINFOP and SECINFOC instead? No, probably better this way for minor rev. Question: can we not do domain crossing? Can, but it's not fully specified; this will clarify. Question: why do we not just apply this work to currfh? A: want to limit the ops which have to handle NFS4ERR_WRONGSEC. CCM - waited for David Black. Want to be able to use a cheaper security mechanism when we're using IPSec/TLS/SSH underneath. Want to authenticate heavily just once, bind to the secure transport, and cache the creds. -00 draft obsolete - it was proposed that we change to a simpler wrapper mechanism, and that was accepted. Issues: MUST specify channel bindings for end-to-end security? Without, can have man-in-the-middle attacks before client and server authentication, in theory. Problem: no channel bindings are defined in deployed secure transports. Proposal: SHOULD rather than MUST for channel bindings, SHOULD let users set policy to require it, and CCM should negotiate it. David Black - agrees that channel bindings are not a MUST. TLS, FCIP both deal with a nonce handshake to do simpler binding to transport. FCIP needs it because it does not try to do authentication in-band. Mike: promote this as a WG item. David: strongly agree, because we need this badly for RDDP. Rob Thurlow summarized migration/replication. Discussed state of current draft. Trying to come up with a protocol good enoughbut not to complex. Related to replication/migration is thinking ona global name space. The AFS attack. See Rob's slides. AFS users seeking one global name space and delegated management for local control of portions of the name space. Automounter has proven an inadequate solution (not generally applicable). Rob listed the limitations of Automounter. Current V4 protocol does not provide mechanism for enumerating the replicas of a given file system. Only provides list of possibilities. (which is not the same thing). beepy vectored into a little history as to why we avoided swallowing the AFS whale at the start of the NFS Version 4 work. AFS solved the heterogeneous distributed file system problem by dictating a single solution that made everything look the same. Treading carefully in this space. Rob Thurlow to carefully investigate delivery date of Informational RFC describing Sun use of LDAP for naming (Automounter). (Eisler had paused during his security presentation and resumed when David Black returned to get some feedback.) David Black and Eisler discussed fine points. David said that one thing on alias was not covered: what about another issue of reuse of cached credentials reused over another TCP connection - a crucial difference between iSCSI use and proposed CCM work. David said iSCSI binds the credentials to a TCP connection maintaining the IPsec context (disallowing migration). Eisler agrees. Julian Satran jumped in a bit - a nonce, Eisler to follow up with Julian. David suggests FCIP plays this sort of game. Mike to follow up. Eisler feels other than issues WG feels it is worthwhile pursuing. David strongly seconds that. In context of RDDP tie in. RDDP work items (beepy) - RDDP or RDMA promotes direct data placement by a smart NIC directly into application buffers. Our charter now includes us producing a problem statement and a requirements document for NFS and related technologies' use of RDDP and RDMA. Main reason to stop there is because there is not yet an RDDP protocol, and we don't want to wag the dog. After AD review, we will hope to consider making changes to NFS or RPC or both to make use of the protocol. Next action: form a subgroup to whack this together. Beepy - other documents. To take NFSv4 to Draft, we need to move a bunch of normative references ahead, either ourselves or in cooperation with other groups. GSS-API C and Java bindings are being worked now, need to conference with Scott Bradner. Need to get re-engaged with MIBs and other Other issues: >From Mike Eisler - RPC program # registration - retrieved document from IANA - but no progress. Rob needs to follow up. David Black and Mike Eisler thanked Sun for sponsoring the IETF. Shepler proposes high bandwidth one day meeting in June in connection with testing event at UMich. beepy RTFM the IESG web page. The group ended with a bug thank you to our outgoing Area Director Scott Bradner for his guidance and support througout the development of the V4 protocol. _______________________________________________ nfsv4 mailing list nfsv4@ietf.org https://www1.ietf.org/mailman/listinfo/nfsv4
- [nfsv4] Draft Minutes from San Francisco IETF Mar… Brian Pawlowski