IETF Logo Mail Archive

Re: [nfsv4] New Version Notification for draft-dnoveck-nfsv4-security-04.txt

Brian Pawlowski <beepee@gmail.com> Thu, 06 January 2022 07:12 UTC

Return-Path: <beepee@gmail.com>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 02B3A3A09A8; Wed, 5 Jan 2022 23:12:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3wROsiFwwCfg; Wed, 5 Jan 2022 23:12:40 -0800 (PST)
Received: from mail-pg1-x52d.google.com (mail-pg1-x52d.google.com [IPv6:2607:f8b0:4864:20::52d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9D6FB3A09A6; Wed, 5 Jan 2022 23:12:40 -0800 (PST)
Received: by mail-pg1-x52d.google.com with SMTP id f8so1840597pgf.8; Wed, 05 Jan 2022 23:12:40 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:subject:from:in-reply-to :date:cc:message-id:references:to; bh=ul88Vjg0nKVzuK5plTrjhujXdfV7vYVxnhfv+i+0vWQ=; b=HGp+Trl39fyNkEdrDwiNd/sXzPcl4X4P3mjDzW7qsz3B7BPU6S2/v37ciYNPHn3a6e LCLmDwL6Ijbn/jUSFrucNtdA3uSUfQE1pHOXpvIZCl2KuKRf7WDFKqFY9pst2GoxzLlh mT+6PCqyf+YxMHxYC/wFbbWotm20Tio6LMa3IGO6MaNEijBIcxbrXAGEoFIarrNynSFI jTGFnlRI7wLPZFLqQbwFQAFOqEwZu7iYBEHpTTDcjxWZYMqYU2u5q1P5AdH/Gm/sVSJs eDKywzV3yl1Cz2jtFdGG08n4I9BFuR/7gNnEHJf/KzupTuNnevPQAtYGCfU935Kr/Z8p cdUA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:content-transfer-encoding:mime-version:subject :from:in-reply-to:date:cc:message-id:references:to; bh=ul88Vjg0nKVzuK5plTrjhujXdfV7vYVxnhfv+i+0vWQ=; b=QSGNrPi7DWC8OGhjNNC34PrxEDXxlmJMnrBsIYB61wFUNv/SdiiqM6cqOyMn5xxbMQ 2HAZLipGbJVhqchmbnhj/ISw8xvN55J8q1FH+JMYN14HbSdnrSZEQ0AzD+W08eOZTh6+ WSpBxZ6xCf7tZ7qN8qH3svp0U/E7jO3JG60NDz2EWFp8nyK50v/KPQ2YU9PBXYsU6d4h ovn38g6a625jhI5GS6jG7+JfdOuy4c1wcBSWGe/z5Adw5eJjJzKbipOguRAoY7jkG5El I1sUJyRq7hSYW4dmba61+wH7BbTGOPF0oymhcfIhO3sguSQgvzUAgUEha71XgNhtMqw3 wr9g==
X-Gm-Message-State: AOAM531YjQNNaFy0m6z4Fpjmw0whHxPRTJfavggGEfOtJQuRsuOPMc30 vh8XsfXh6FXmi4BLi77x12Qwa3loACu75Q==
X-Google-Smtp-Source: ABdhPJz14o2Dzj4SEoMN39+WzBlTG3S9dhbGCdCE7LcRTMjN0Wuy4z+Vz4ZRsDO/AKtF4rqqSlBITQ==
X-Received: by 2002:a63:4d0d:: with SMTP id a13mr50250493pgb.411.1641453159190; Wed, 05 Jan 2022 23:12:39 -0800 (PST)
Received: from smtpclient.apple (c-73-162-21-162.hsd1.ca.comcast.net. [73.162.21.162]) by smtp.gmail.com with ESMTPSA id m16sm1382923pfk.32.2022.01.05.23.12.38 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 05 Jan 2022 23:12:38 -0800 (PST)
Content-Type: multipart/alternative; boundary="Apple-Mail-975D8260-076B-4428-A04D-BE6C8BC2D4BE"
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (1.0)
From: Brian Pawlowski <beepee@gmail.com>
In-Reply-To: <CADaq8jcXitpCCA+y3u6dYxGM95rfX6UtuZTm27g=Ht6=8x3+Qw@mail.gmail.com>
Date: Wed, 05 Jan 2022 23:12:37 -0800
Cc: NFSv4 <nfsv4@ietf.org>, nfsv4-chairs <nfsv4-chairs@ietf.org>, nfsv4-ads@ietf.org
Message-Id: <994246F9-C24A-43F0-B016-8C8DE05A39D4@gmail.com>
References: <CADaq8jcXitpCCA+y3u6dYxGM95rfX6UtuZTm27g=Ht6=8x3+Qw@mail.gmail.com>
To: David Noveck <davenoveck@gmail.com>
X-Mailer: iPhone Mail (19C57)
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/mRKLIF5hOdFBrcfHBN-5jzFFZuA>
Subject: Re: [nfsv4] New Version Notification for draft-dnoveck-nfsv4-security-04.txt
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Jan 2022 07:12:45 -0000

Happy New Year everyone. 

I’d like to determine consensus on adoption of the draft security-04 described below. 

Apologies for delayed ask :-/ Dave posted this on 12/24 and the ask of group was on whether to adopt this draft as a formal working group document and a work item. 

I looked at the detailed comments since Dave’s email, they don’t preclude adoption of the document. We’ll sweep the detailed comments forward as working group business.

Please give me yays (adopt) or nays (with reason and description of what the objection us) please.

— Brian Pawlowski

On Dec 24, 2021, at 05:49, David Noveck <davenoveck@gmail.com> wrote:


I've just posted security-04.   Thanks to Rick Macklem and Chuck Lever who made important suggestions that I hope are correctly addressed in this version.  An rfcdiff with -03 is not small but it is helpful to see what has changed.

As previously discussed, I am proposing that the working group adopt this draft as a working group document.   I expect Brian and Zahed to set the timeline for that discussion.

Please let me know about your suggestions for -05.

---------- Forwarded message ---------
From: <internet-drafts@ietf.org>
Date: Fri, Dec 24, 2021 at 8:31 AM
Subject: New Version Notification for draft-dnoveck-nfsv4-security-04.txt
To: David Noveck <davenoveck@gmail.com>



A new version of I-D, draft-dnoveck-nfsv4-security-04.txt
has been successfully submitted by David Noveck and posted to the
IETF repository.

Name:           draft-dnoveck-nfsv4-security
Revision:       04
Title:          Security for the NFSv4 Protocols
Document date:  2021-12-24
Group:          Individual Submission
Pages:          129
URL:            https://www.ietf.org/archive/id/draft-dnoveck-nfsv4-security-04.txt
Status:         https://datatracker.ietf.org/doc/draft-dnoveck-nfsv4-security/
Html:           https://www.ietf.org/archive/id/draft-dnoveck-nfsv4-security-04.html
Htmlized:       https://datatracker.ietf.org/doc/html/draft-dnoveck-nfsv4-security
Diff:           https://www.ietf.org/rfcdiff?url2=draft-dnoveck-nfsv4-security-04

Abstract:
   This document describes the core security features of the NFSv4
   family of protocols, applying to all minor versions.  The discussion
   includes the use of security features provided by RPC on a per-
   connection basis.

   This preliminary version of the document, is intended, in large part,
   to result in working group discussion regarding existing NFSv4
   security issues and to provide a framework for addressing these
   issues and obtaining working group consensus regarding necessary
   changes.

   When a successor document is eventually published as an RFC, it will
   supersede the description of security appearing in existing minor
   version specification documents such as RFC 7530 and RFC 8881.




The IETF Secretariat

v2.23.0 | Report a Bug | By Email