Re: [nfsv4] Documents, pre-drafts, and submission plans for documents related to the new security discussion to be part of the rfc5661bis effort.
Brian Pawlowski <beepee@gmail.com> Mon, 04 March 2024 18:25 UTC
Return-Path: <beepee@gmail.com>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 55214C15792A for <nfsv4@ietfa.amsl.com>; Mon, 4 Mar 2024 10:25:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.104
X-Spam-Level:
X-Spam-Status: No, score=-7.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iTC6ufDUhwdI for <nfsv4@ietfa.amsl.com>; Mon, 4 Mar 2024 10:25:01 -0800 (PST)
Received: from mail-ej1-x632.google.com (mail-ej1-x632.google.com [IPv6:2a00:1450:4864:20::632]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A4596C1519A9 for <nfsv4@ietf.org>; Mon, 4 Mar 2024 10:25:01 -0800 (PST)
Received: by mail-ej1-x632.google.com with SMTP id a640c23a62f3a-a456ab934eeso148392166b.0 for <nfsv4@ietf.org>; Mon, 04 Mar 2024 10:25:01 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1709576699; x=1710181499; darn=ietf.org; h=to:subject:message-id:date:from:reply-to:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=MhveeMRGZrlGHcGW1zK0YV9+Pv7eoJLqYUhpP82WM2c=; b=eg2xeS13u4ujurpt2vJL3iK7zQ0rSX/5snhuGItD1CjQoVXGKLixaBDUsh4cNTTAL1 uc5ffp5hWiEkcbDCDMHt/vcH8K2fd0pWb7qu0RzK5grnWM0kzk/vQuYxJ9iQEhbuQKDX dEnEq4eC3eCmFlF9C2YSjRHGk65bJJ2VbQEdvhtU3pU37n09G/DdTExd1iReCSY7aYnr D5ulFWgrdoZ7GZe6tQJsfMgX5TECEMry4/bnqkiyVA1ffaQga+YlN96O3tJD+du1RoCM lBvdaBG53bCDZQqsFpihS7mq72xuCEoZuyqQJDLnpKuLGY4a4GLjSXM8q1DtzhJet1ft dV6A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709576699; x=1710181499; h=to:subject:message-id:date:from:reply-to:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=MhveeMRGZrlGHcGW1zK0YV9+Pv7eoJLqYUhpP82WM2c=; b=w6KetSBOlZLttvVoFdQYT1MS/2FE36Ls7+cB6anCJoonl14FeWl5QdFqmWqEjr20eR tpP8llCLlYa/YimfUN9xtAxBr62TZuFkwnEo7L16OXoUfVWNvtNUogu7S04L0bnHOjmo 0ySgk3HsEx8HP4fUAW4bDdzpl/legrRX7MxKACkni+KDL/ciGtd5PEVpf41F1WQtZF7Q LC80tIGK2axeYM8xKg4+J0N+Pq/MICm/R/uq+DDb872utMGRPERJssXlx0zEH3LxcQX0 Iqy00EPeCsUkRCYliNolpeWOeduzdfc6azkHoEJ3ab8GhO33FbiE2moOSfQOwygvEXM5 EDow==
X-Gm-Message-State: AOJu0YxsPF4Fp3qPL9dYuiy8cO1Zyjg8O9H9QDn31XxtPdFYifMxtJ+U 2h9nghJp9ScfDV9qxfweKO0lVGKjVNnGyI8nQO4S4E8tF28Cspr/CHweYyR2bUS79ecHb/CS92y 1j2kTmemAQYqIzpQR/0K1DetWcwbhas6aEkc=
X-Google-Smtp-Source: AGHT+IFMurFCCnuCictioamwxtiFUzayd+CMiqQTOXGYekakdjQ8N6DHHg8qOYA/w+CvD/LFG0Mt3d2fUBaTNLBf+74=
X-Received: by 2002:a17:906:f9d1:b0:a3d:b6c2:fc58 with SMTP id lj17-20020a170906f9d100b00a3db6c2fc58mr5954786ejb.2.1709576698918; Mon, 04 Mar 2024 10:24:58 -0800 (PST)
MIME-Version: 1.0
References: <CADaq8jf2zqq18qrNuLB-zMaps+UtZuBQ=iGZT5K1PNZntBbgVg@mail.gmail.com>
In-Reply-To: <CADaq8jf2zqq18qrNuLB-zMaps+UtZuBQ=iGZT5K1PNZntBbgVg@mail.gmail.com>
Reply-To: beepee@gmail.com
From: Brian Pawlowski <beepee@gmail.com>
Date: Mon, 04 Mar 2024 10:24:47 -0800
Message-ID: <CAEo7hJFLmbUxO93e6zM8_0TDRRvcMdbzW=toSPfyJfPmZO6LHA@mail.gmail.com>
To: NFSv4 <nfsv4@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000dafab60612d9d715"
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/s5O0jpoqO5X8R1_tDKu9eakKuBY>
Subject: Re: [nfsv4] Documents, pre-drafts, and submission plans for documents related to the new security discussion to be part of the rfc5661bis effort.
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Mar 2024 18:25:02 -0000
Dave has updated the security and ACL drafts and put them in datatracker since posting this email. Apologies, this message was stuck in queue because of size of attachments. :-/ Please refer to these security and ACL drafts: https://datatracker.ietf.org/doc/draft-dnoveck-nfsv4-security/ https://datatracker.ietf.org/doc/draft-dnoveck-nfsv4-acls/ -- beepy On Mon, Mar 4, 2024 at 9:42 AM David Noveck <davenoveck@gmail.com> wrote: > I have been working on next steps for the security document and have some > documents for people to look at and will also discuss my plans for document > submission in light of the 3/4 document submission deadline for IETF19. > > > - The current version of the Ontap implementation report is attached. > There are no plans to submit this as an IETF document. People might find > it interesting in that it provides motivation for the changes made in the > ACL document. Also, it gives an indication of the kind of information we > will need about existing ACL implementations. If people have trouble with > the .docx format, let me know and I can post other formats. > > > - There is a pre-draft for the -08 of the security doc. It is close > to complete and I will be able to submit the complete document by the > deadline. There will probably not be time to incorporate > changes/suggestions based on the pre-draft in time for the -08, but will > probably have to defer responding to those until -09. > > Relative to -07, the main changes are to split the ACL stuff into a > separate document, and to address the identity-related issues that Chris > raised. The document split makes an iddifff with -07 pretty messy. The > changes related to the identity issue are mostly in the sections 5.1 of the > documents being compared. > > > One noteworthy issue about the pre-draft is that since the ACL document > has not been submitted yet, it cannot be referenced as it has to be in many > places. For now, I am referencing rfc5662bis instead, but will have to fix > this before actual submission. Also, some inter-document references are > coded as ACLSPEC(target). This will also be addressed before submission of > the -08. > > > - There is also attached an early pre-draft for > *draft-dnoveck-nfsv4-acls-00*. The work on this draft is not as far > along as that for the security document proper and will not be complete in > time for the 3/4 deadline. > > Nevertheless, I will submit something very close to the current pre-draft > as the -00 with the understanding that there is still work to be done. The > first complete draft of this document will be submitted as -01 before the > next wg interim meeting in early April. > > > One important issue to note about the -00 is that the numeric ID's > associated with consensus items in that document are temporary and likely > to change, unlike those in the security document draft. This will be > relevant if some of the work discussed to transform these into github > issues lists proceeds before acls-01 is out. > > _______________________________________________ > nfsv4 mailing list > nfsv4@ietf.org > https://www.ietf.org/mailman/listinfo/nfsv4 >
- [nfsv4] Documents, pre-drafts, and submission pla… David Noveck
- Re: [nfsv4] Documents, pre-drafts, and submission… Brian Pawlowski