IETF Logo Mail Archive

Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrity-measurement-02.txt

"Everhart, Craig" <Craig.Everhart@netapp.com> Mon, 08 October 2018 21:17 UTC

Return-Path: <Craig.Everhart@netapp.com>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8BFEE1310AD for <nfsv4@ietfa.amsl.com>; Mon, 8 Oct 2018 14:17:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=netapp.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WZzfGgUIG_d9 for <nfsv4@ietfa.amsl.com>; Mon, 8 Oct 2018 14:17:50 -0700 (PDT)
Received: from NAM02-CY1-obe.outbound.protection.outlook.com (mail-cys01nam02on0611.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe45::611]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1B9A71311A3 for <nfsv4@ietf.org>; Mon, 8 Oct 2018 14:17:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netapp.onmicrosoft.com; s=selector1-netapp-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=QMzIQt/IW30tElR8ALoSqxwZ1GbKy8GWB6++ND8TelA=; b=W99IU9aGWUL0GtesEtpGWSS+fUV+GHiMsJox0SkYB6SQgmwIP/EFZf3etnmKSNfTdM9xj66I5sIKEIuTzMUC7zgtWljtZEGqcdq16tyGlOSQdJ4JqphINx4YXf8kH70UuDlmwOLM68bU2TDk3mmZU9ztL+gmBycbK/SY1stZHv4=
Received: from BN6PR06MB3089.namprd06.prod.outlook.com (10.174.95.163) by BN6PR06MB3411.namprd06.prod.outlook.com (10.174.235.157) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1207.21; Mon, 8 Oct 2018 21:17:47 +0000
Received: from BN6PR06MB3089.namprd06.prod.outlook.com ([fe80::8935:a8ae:f256:fe6]) by BN6PR06MB3089.namprd06.prod.outlook.com ([fe80::8935:a8ae:f256:fe6%5]) with mapi id 15.20.1207.024; Mon, 8 Oct 2018 21:17:47 +0000
From: "Everhart, Craig" <Craig.Everhart@netapp.com>
To: Chuck Lever <chucklever@gmail.com>
CC: "nfsv4@ietf.org" <nfsv4@ietf.org>
Thread-Topic: [nfsv4] I-D Action: draft-ietf-nfsv4-integrity-measurement-02.txt
Thread-Index: AQHUXxdeq4VZRMmWm0utjltynZGocaUVO2KAgABSTgD//80uAIAAZzMA///VaQA=
Date: Mon, 08 Oct 2018 21:17:47 +0000
Message-ID: <080D3CB4-1120-4BA5-9ED1-037589BCB0CF@netapp.com>
References: <153901060913.16390.8389561648327812120@ietfa.amsl.com> <23D33FE9-54F9-40CB-AC41-23EC15603E47@netapp.com> <BACFE07D-B843-485F-97EE-4D36ABAB356F@gmail.com> <55FF4CA0-BB68-44F1-AFAC-DD1E0F9443C2@netapp.com> <B89BBD1B-C06B-4694-BB78-8BFE3B04EC36@gmail.com>
In-Reply-To: <B89BBD1B-C06B-4694-BB78-8BFE3B04EC36@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.11.0.180909
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Craig.Everhart@netapp.com;
x-originating-ip: [71.112.171.139]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BN6PR06MB3411; 6:iidZi4kfpx2vUlKdUELJ1vlw8eEHZk5/m5XV1w/oq26Hxz/ouZxUhuGujQoNgJV+W70ddnq+a3dgI+ZumO79dAJMfDT5nXVcmkjthfUENuT3ukg0dKpQwAyvWczd+AZcJkkWLrsdD++QYtnR3ERpd5uBWk6c8b+BCMkSjDFQY1V9T6lVWjFLenKyUoksWyfkZ8bV/bccgni8bkjCYwoNE0dYEQ3WoKdgaEpr97N1NWbX4vqtPKZmabedqMQgpCjxfL9KGhi8yoDP8R+WZjLaIHSVHXjIPTxZ0QjAPFRie8uZ/58Pom4TxpB5XWGfGxHk5GvS/xX2uuTG2AzxtAni2QbrLzk3E2gT6uIQ1LOz6C+dpgGyotgjC+TQs5SLttcIapiIGeNcn/0VioM4gA2aXqN78ADdWjsxZYy6/4kfGJWBietX8xv4onNK0JNt3w4lBq3Th6qOE0cy1raRKHTsOw==; 5:uTlKLAmHiMUGghuQtMCGFD5cJ1Xk2yXeYbHw6H0gjSULRr2CfQSjvTPfRI25y95HZmG2VacB2we3llLvdoIAil6p5GtJHwZKpuV7+P9pgW1qRObqV2TohuSpayJIIXPYzlwZlmb01ZvLwFj8Iuo7pYfyVVW3kZP4tkGiqMybtsU=; 7:zNuPauLZ0e8fnUDb8ygWZE1QAN0Ya21VuLIEeYKRJtJNOwlqq4P+9fyrJ5TAw5if4064m3bBG3HKPjlvrdjdYHd+FZaomCZ585b3SHiQV1U3j9067kK7EvlOX+1XeWl5V44eQVK8+uiYK5iihxHfnBVeLpfBFCDRUqAsle6cr/BvIuX/cmVRH2q8ECZzhE+a0LLN0d8RC7YSqXJPLm8xbc5VHykvRwBcUNjSGm5N99pREQhoeO0P5mGM5h/8Jfmv
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 6916393b-24fa-4f43-4b2f-08d62d637ee0
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600074)(711020)(2017052603328)(7193020); SRVR:BN6PR06MB3411;
x-ms-traffictypediagnostic: BN6PR06MB3411:
x-microsoft-antispam-prvs: <BN6PR06MB3411DF2D67AFD9F7F085F0F5F0E60@BN6PR06MB3411.namprd06.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(158342451672863)(85827821059158);
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(5005006)(8121501046)(3002001)(93006095)(93001095)(3231355)(944501410)(52105095)(10201501046)(6055026)(149066)(150057)(6041310)(20161123558120)(20161123560045)(20161123562045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123564045)(201708071742011)(7699051); SRVR:BN6PR06MB3411; BCL:0; PCL:0; RULEID:; SRVR:BN6PR06MB3411;
x-forefront-prvs: 081904387B
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(396003)(346002)(39860400002)(136003)(376002)(366004)(199004)(189003)(6506007)(6512007)(476003)(1411001)(5660300001)(5250100002)(478600001)(486006)(6116002)(3846002)(2900100001)(6916009)(93886005)(256004)(6486002)(58126008)(53936002)(82746002)(97736004)(66066001)(186003)(26005)(81156014)(8936002)(81166006)(2906002)(229853002)(102836004)(446003)(71200400001)(14444005)(83716004)(71190400001)(2616005)(11346002)(4326008)(25786009)(72206003)(316002)(68736007)(105586002)(6436002)(305945005)(6246003)(76176011)(86362001)(33656002)(7736002)(99286004)(106356001)(36756003)(39060400002)(14454004)(8676002); DIR:OUT; SFP:1101; SCL:1; SRVR:BN6PR06MB3411; H:BN6PR06MB3089.namprd06.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: netapp.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: iqMKm9q7+E6MhXXaEe7nx9vtUGo2+QhjJfL+MAkSW3GqZ3g9ggYprc+DSXkuh3ZaPFqr7DppYiTx69elLYSgEVYHi/yLYoWWMb0qz6zWVPI+md20npf78I68n5E8DHQADVAJsGx6q8loFM/vDu9WLxDJcCm0sD5j38++fMYKPSVhYy7O1RYK/tRgfgdqr7aITyd9UwnCo38otvISVN1+gWc4YIOHXSjV15Qb8CXzsyJMr7FzjY2yBbTruUpLi7MUK8tmmQEb32EilYMfFHDLNY5vx3xWhonDRaY+k3FYJZIoeh+OHfo3hLggNrHdgsOh7z+RCyK1EBUTzv2sCtmChVzb1rhIsmN9W+puWyQdjx0=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-ID: <4C413FF371994A4E91D5509B346C5C22@namprd06.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: netapp.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 6916393b-24fa-4f43-4b2f-08d62d637ee0
X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Oct 2018 21:17:47.1133 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 4b0911a0-929b-4715-944b-c03745165b3a
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR06MB3411
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/f59niymS7gDo1LtTtUtEejw_LEE>
Subject: Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrity-measurement-02.txt
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Oct 2018 21:17:59 -0000

Hi Chuck, I guess I don't understand this.

On 10/8/18, 3:50 PM, "nfsv4 on behalf of Chuck Lever" <nfsv4-bounces@ietf.org on behalf of chucklever@gmail.com> wrote:

    >You're declaring that kind of interaction to be not well-defined.  Why?
    
    This is precisely because the file system plays no part in provenance
    assessment.
    
    If you want the server to do the assessment for all clients that access
    it, there's no need to expose FPI via NFS. A trust relationship must
    exist between the clients and server, of course,

And, because of the opaque nature of the specification, I have no reason to understand why this "of course" would have to be the case--or, for that matter, why the first sentence is true.  Intuitively, it's not obvious.  If there's a defect in my intuition, I believe that the document has done little to correct my defects.

    and there would need
    to be a strong guarantee that the network between the server and clients
    is of very high integrity. Perhaps the use of a GSS integrity service
    would be required in such a use case.

Why does this impose additional requirements on this OPTIONAL, but otherwise completely opaque, service?  What additional requirements does it levy?  Why wouldn't, for example, it be totally adequate to apply other techniques for recovering incompatibility?  For example, if the provenance information were to include, effectively, a checksum of the content, what is the range of meaningful actions available to the provenance assessor if the file object's checksum were not to match that in the provenance's checksum?

-----

My point in most of this is that one gives up a huge amount of understanding when the content semantics is completely opaque, as in this case.  Fine--it can be optional--but if it is present, what does it mean?  How should an implementation treat it?  What kind of implementation can someone write if they look only at the specification?

		Craig

v2.23.0 | Report a Bug | By Email