Re: [nfsv4] Ben Campbell's No Objection on draft-ietf-nfsv4-multi-domain-fs-reqs-10: (with COMMENT)
"Adamson, Andy" <William.Adamson@netapp.com> Fri, 02 September 2016 18:35 UTC
Return-Path: <William.Adamson@netapp.com>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3AEAC12D1B7; Fri, 2 Sep 2016 11:35:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.469
X-Spam-Level:
X-Spam-Status: No, score=-7.469 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.548, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aS57uY_a7bfu; Fri, 2 Sep 2016 11:35:20 -0700 (PDT)
Received: from mx144.netapp.com (mx144.netapp.com [216.240.21.25]) (using TLSv1.2 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5A08212D186; Fri, 2 Sep 2016 11:35:20 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="5.30,272,1470726000"; d="txt'?conf'?scan'208";a="141432613"
Received: from hioexcmbx01-prd.hq.netapp.com ([10.122.105.34]) by mx144-out.netapp.com with ESMTP; 02 Sep 2016 11:34:15 -0700
Received: from HIOEXCMBX03-PRD.hq.netapp.com (10.122.105.36) by hioexcmbx01-prd.hq.netapp.com (10.122.105.34) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Fri, 2 Sep 2016 11:34:13 -0700
Received: from HIOEXCMBX03-PRD.hq.netapp.com ([::1]) by hioexcmbx03-prd.hq.netapp.com ([fe80::a009:cb7a:e519:7347%21]) with mapi id 15.00.1210.000; Fri, 2 Sep 2016 11:34:14 -0700
From: "Adamson, Andy" <William.Adamson@netapp.com>
To: Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>
Thread-Topic: [nfsv4] Ben Campbell's No Objection on draft-ietf-nfsv4-multi-domain-fs-reqs-10: (with COMMENT)
Thread-Index: AQHSAunrsB4FBA5YSEOvo6/KBUjXaKBiSCWAgAAdfgCABI2JgIAADY2A
Date: Fri, 02 Sep 2016 18:34:13 +0000
Message-ID: <4FC46B8D-F3D7-47E4-B273-DAA826CD8ECA@netapp.com>
References: <147258068347.23741.13088390380927638223.idtracker@ietfa.amsl.com> <E1A2928C-852C-4C10-8122-E9463A228B24@netapp.com> <4B962427-36EE-42A0-81FF-8F193F5985A0@nostrum.com> <CAKKJt-fFkSe_+ws9JfsDfirZBZJqRaX17yOA7GJoC5QKsQMCxw@mail.gmail.com>
In-Reply-To: <CAKKJt-fFkSe_+ws9JfsDfirZBZJqRaX17yOA7GJoC5QKsQMCxw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3112)
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.122.56.79]
Content-Type: multipart/mixed; boundary="_003_4FC46B8DF3D747E4B273DAA826CD8ECAnetappcom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/wvGJWDIQndPVEIPLiHJmXMEfDOo>
Cc: Ben Campbell <ben@nostrum.com>, "Adamson, Andy" <William.Adamson@netapp.com>, "draft-ietf-nfsv4-multi-domain-fs-reqs@ietf.org" <draft-ietf-nfsv4-multi-domain-fs-reqs@ietf.org>, "nfsv4-chairs@ietf.org" <nfsv4-chairs@ietf.org>, "nfsv4@ietf.org" <nfsv4@ietf.org>
Subject: Re: [nfsv4] Ben Campbell's No Objection on draft-ietf-nfsv4-multi-domain-fs-reqs-10: (with COMMENT)
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Sep 2016 18:35:23 -0000
> On Sep 2, 2016, at 1:45 PM, Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com> wrote: > > Hi, Andy, > > This draft was approved on the telechat yesterday, but I still had two questions from Ben's comments after looking at the diffs for 09-11 (below). The other responses seem to be handled. Hi Spencer OK - good to hear. See below. > > Please let me know what you think. > > On Tue, Aug 30, 2016 at 3:14 PM, Ben Campbell <ben@nostrum.com> wrote: > On 30 Aug 2016, at 13:28, Adamson, Andy wrote: > > On Aug 30, 2016, at 2:11 PM, Ben Campbell <ben@nostrum.com> wrote: > > Ben Campbell has entered the following ballot position for > draft-ietf-nfsv4-multi-domain-fs-reqs-10: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-nfsv4-multi-domain-fs-reqs/ > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > I am a little bit confused about the purpose of this draft. > My confusion > is probably related to Brian's Gen-ART comments. > > OK - did you read the response? I case you have not, here is portion of the response that addresses the SP vrs BCP concern. > > ————— > This latest round of comments - including the SecDir review from Russ Housley shows that there is still an impedence mis-match between the title/abstract and the intended status of Standards Track versus an Informational draft or best practices. > > I feel that the use of "Guidelines" in the title, and "guidance" in the abstract point to an Informational draft rather than a Standards track. > > This draft is a Proposed Standard (not an Informational or BCP) because the MUST and REQUIRED noted in section 6 of the doc are absolute requirements for an NFSv4 multi-domain file name space to work. These can not be BCP as an NFSv4 multi-domain file name space will _not_ work without these requirements. > > I have completed a draft-ietf-nfsv4-multi-domain-fs-reqs-10 with the following changes: > > 1) The title to be changed from > > "Multiple NFSv4 Domain Namespace Deployment Guidelines" > > to > > "Multiple NFSv4 Domain Namespace Deployment Requirements" > > > 2) The first sentence in the abstract (and in the introduction) to be changed from > > This document provides guidance on the deployment of the NFSv4 > protocols for the construction of an NFSv4 file name space in > environments with multiple NFSv4 Domains. > > to > This document presents requirements on the deployment of the NFSv4 > protocols for the construction of an NFSv4 file name space in > environments with multiple NFSv4 Domains. > > ————— > > to which Brian responded: > > > On Aug 29, 2016, at 7:23 PM, Brian E Carpenter <brian.e.carpenter@gmail.com> wrote: > > Hi, > > Thanks for version -10. I appreciate the clarification to the title etc. > > (All the same, a BCP is just as mandatory as a Draft Standard. But it's > a judgment call, of course.) > > Regards > Brian Carpenter > > I read that, but it didn't answer my question about _what_ the requirements applied to. But you address it below... > > > > Specifically, who/what do the normative requirements in section 6 apply > to. Are these implementation requirements or deployment requirements? > > They are deployment requirements - which I feel is very clear. > > To put a finer point on it, do you think an implementer can write the code for a multi-domain nfsv4 service without reading this document? For example, are the identifier mapping requirements strictly deployment issues without impact on the code? > > I am also curious about this … The identifier mapping requirements of preserving the domain portion of the name@domain and/or the REALM portion of the Kerberos principal@REALM could impose some extra coding requirements on what is stored in a name service and the query calls to the nameservice. For example, the Linux ns_switch getpwnam, getpwuid which are commonly used for name<=>ID mapping do not utilize an @domain or an @REALM portion of a name (either as input nor as output). Back in 2007 I wrote the Linux idmapd daemon translation service which included the nsswitch translation method, and the umich_ldap translation method (I worked for CITI at the University of Michigan at the time). The umich_ldap translation method was written to handle the @domain and @REALM portion of names for name to ID mapping. It included adding schema to LDAP (NFS4Name, GSSAuthName) and coding the associated LDAP queries for mapping between NFSv4Name or GSSAuthName and the UID. http://www.citi.umich.edu/projects/nfsv4/crossrealm/libnfsidmap_config.html It still exists - if you are curious, see the attached /etc/idmapd.conf
- [nfsv4] Ben Campbell's No Objection on draft-ietf… Ben Campbell
- Re: [nfsv4] Ben Campbell's No Objection on draft-… Adamson, Andy
- [nfsv4] Ben Campbell's No Objection on draft-ietf… Ben Campbell
- Re: [nfsv4] Ben Campbell's No Objection on draft-… Ben Campbell
- Re: [nfsv4] Ben Campbell's No Objection on draft-… Spencer Dawkins at IETF
- Re: [nfsv4] Ben Campbell's No Objection on draft-… Adamson, Andy
- Re: [nfsv4] Ben Campbell's No Objection on draft-… Spencer Dawkins at IETF
- Re: [nfsv4] Ben Campbell's No Objection on draft-… Spencer Dawkins at IETF