Re: [nfsv4] Adoption call for draft-dnoveck-nfsv4-security

Thomas Haynes <loghyr@gmail.com> Tue, 18 October 2022 17:32 UTC

From: Thomas Haynes <loghyr@gmail.com>
Message-Id: <F5F9FAC8-3507-431B-8D1D-5667477D65E8@gmail.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_8DEFE911-EE31-4720-ADA5-632C5E26CD2A"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.1\))
Date: Tue, 18 Oct 2022 10:32:13 -0700
In-Reply-To: <CADaq8jfZP6GTQQXZZ_01xK1wNNn85-wko7kMu+7qG2nfK7G5aw@mail.gmail.com>
Cc: NFSv4 <nfsv4@ietf.org>, nfsv4-chairs <nfsv4-chairs@ietf.org>, nfsv4-ads@ietf.org
To: David Noveck <davenoveck@gmail.com>
References: <CADaq8jfi1ApVZeJ6LsGSPY=kRXQ2W_NZ9ixwcOnJJ-A_RH4SPA@mail.gmail.com> <E93D76F0-3604-41ED-A240-60D93C2FA107@gmail.com> <CADaq8jfZP6GTQQXZZ_01xK1wNNn85-wko7kMu+7qG2nfK7G5aw@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/x0Sx2GrojR9F93s-C6BbcIFc5iI>
Subject: Re: [nfsv4] Adoption call for draft-dnoveck-nfsv4-security
Precedence: list


> On Oct 17, 2022, at 9:43 AM, David Noveck <davenoveck@gmail.com> wrote:
> 
> 
> 
> On Thu, Oct 13, 2022 at 10:41 PM Thomas Haynes <loghyr@gmail.com <mailto:loghyr@gmail.com>> wrote:
> 
> 
> > On Oct 13, 2022, at 11:07 AM, David Noveck <davenoveck@gmail.com <mailto:davenoveck@gmail.com>> wrote:
> > 
> > This is an adoption call for draft-dnoveck-nfsv4-security.
> > 
> > This document describes nfsv4 security for all nfsv4 minor versions.  It was written as part of rfc5661bis effort and is intended to result in a standards-track document.  PAs stated in the abstract:
> 
> 
> Who has agreed to do the changes in their implemementations? I.e., security is important, but which vendors have agreed to make changes in their v4.0, v4.1, and v4.2 product implementations?
> 
> Nobody, but none are required.   Continuing to rely on old ways of doing things is considered a valid reason to bypass any recommendations to do things more securely.
>  


So suddenly all existing implementations are no longer compliant?

Also, what happens if there are issues in the new specification that would be flushed out with working code?

We have pushed out too many “features” without any implementation. (And I include myself in that “we”.)

Adopting this draft as a WG item without any corresponding implementations is a non-starter for me.

[nfsv4] Adoption call for draft-dnoveck-nfsv4-sec… David Noveck
Re: [nfsv4] Adoption call for draft-dnoveck-nfsv4… Thomas Haynes
Re: [nfsv4] Adoption call for draft-dnoveck-nfsv4… Chuck Lever III
Re: [nfsv4] Adoption call for draft-dnoveck-nfsv4… David Noveck
Re: [nfsv4] Adoption call for draft-dnoveck-nfsv4… Thomas Haynes
Re: [nfsv4] Adoption call for draft-dnoveck-nfsv4… David Noveck
Re: [nfsv4] Adoption call for draft-dnoveck-nfsv4… Rick Macklem
[nfsv4] Fwd: Adoption call for draft-dnoveck-nfsv… Brian Pawlowski