IETF Logo Mail Archive

Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrity-measurement-01.txt

Bruce Fields <bfields@fieldses.org> Thu, 27 September 2018 17:27 UTC

Return-Path: <bfields@fieldses.org>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 95786130EE8 for <nfsv4@ietfa.amsl.com>; Thu, 27 Sep 2018 10:27:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mrWP2EI7Dqtv for <nfsv4@ietfa.amsl.com>; Thu, 27 Sep 2018 10:27:14 -0700 (PDT)
Received: from fieldses.org (fieldses.org [173.255.197.46]) by ietfa.amsl.com (Postfix) with ESMTP id E86B2130E14 for <nfsv4@ietf.org>; Thu, 27 Sep 2018 10:27:13 -0700 (PDT)
Received: by fieldses.org (Postfix, from userid 2815) id C962D2015; Thu, 27 Sep 2018 13:26:42 -0400 (EDT)
Date: Thu, 27 Sep 2018 13:26:42 -0400
From: Bruce Fields <bfields@fieldses.org>
To: "Everhart, Craig" <Craig.Everhart@netapp.com>
Cc: Chuck Lever <chuck.lever@oracle.com>, NFSv4 <nfsv4@ietf.org>
Message-ID: <20180927172642.GA14534@fieldses.org>
References: <153780090601.28221.16958675117475194416@ietfa.amsl.com> <CADE569F-8584-42CF-A297-E60956D368A2@oracle.com> <CAKKJt-fmB5psmtbm9PJTnhkZkZLCBnCVZnr3fMsf++exN5XObQ@mail.gmail.com> <20180926202157.GA826@fieldses.org> <1F2E60B5-E09F-4B33-8301-99C5E5A0F310@oracle.com> <20180927011257.GC2715@fieldses.org> <8461C2B0-41B3-4983-86F3-78DC4B36D077@oracle.com> <E960590D-7284-4C08-83F2-C066F4713244@netapp.com> <B15A1832-FAB9-4A0B-AF4E-F2EB1D424C57@oracle.com> <E232912D-984D-441F-9B1E-59B6C6B367F9@netapp.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <E232912D-984D-441F-9B1E-59B6C6B367F9@netapp.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/xCLDO4s070TTIELNJ_2nATEI7V4>
Subject: Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrity-measurement-01.txt
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Sep 2018 17:27:16 -0000

On Thu, Sep 27, 2018 at 04:59:05PM +0000, Everhart, Craig wrote:
> Just to say: when there was the "8-bit-transparent" scheme around, it LOST to the UTF encoding.  Without knowing what the local character scheme was, it made no sense to claim interoperability with some other unspecified character encoding scheme.

Huh, I thought we'd gone the other way--RFC 3530 tried to mandate UTF-8
but that didn't really take.

But I don't know if there's any lesson there.

--b.

> 
> The analogy here is that you're either trying to reserve an "8-bit-clean" repository of opaque data, where a server doesn't know what it's storing and a separate client has no idea what it's seeing, or you're trying to reserve a particular slot for the sole use of some format that you don't describe.  In that second case, the analogy with file name data isn't so clear: NFS is built around having exactly one (component) file name, without a label explaining how to interpret that file name label.
> 
> But you're effectively asking for private use of the "file provenance" name space.  I hope there's never another community that also comes up with a "file provenance" description scheme.
> 
> 		Craig
> 
> 
> 
> On 9/27/18, 12:24 PM, "Chuck Lever" <chuck.lever@oracle.com> wrote:
>     
>     > On Sep 27, 2018, at 9:09 AM, Everhart, Craig <Craig.Everhart@netapp.com> wrote:
>     >
>     > This exact issue needs to be discussed in the draft--whether it makes sense for clients/servers that don't a-priori recognize the "file provenance" information to reject the communication, and how.  Should non-recognizing servers store the information blind?  Or should they reject such files?
>     
>     Good point. I can add language that fills that in. In fact
>     that will be a copy-and-paste from an earlier version of
>     this document.
>     
>     
>     > Essentially, the draft seems to imply that there's a well-understood way that some community of file handlers has of describing file provenance.  Instead of explaining what that is, the author(s) of the draft simply want to standardize a way of describing data that is otherwise opaque.  The draft gives no information on how to construct an appropriate file-provenance blob of bits, to my reading, or to explain what a formatted blob of bits would mean.
>     >
>     > Let's say that there are multiple communities that all are composed of people that understand some formatting scheme.  How should they interact?  How would I (a file server) take a blob from community A and present it in a way that community B would understand?  Or is this formatting scheme to remain opaque forever?
>     >
>     > We had an analogous tussle many years ago with the "8-bit-transparent" file name stuff.  One community wanted NFS to simply save file names in their full 8-bit form, without interpretation.  That's fine as long as everybody who sees a given name knows how to interpret it.  (This was in the days before UTF-8 or its analogues; we had a lot of localized character sets that people wanted to use verbatim.)  Thank heavens that we no longer have that particular fight.  But this draft feels analogous: it apparently wants NFS to store and retrieve "provenance" blobs without altering them, saying that they have meaningful semantics, but without explaining what those semantics are.
>     
>     Yes, that's what we want to do. This is exactly the same
>     as storing opaque file data. NFS is conveying and storing
>     data on behalf of an application which is responsible for
>     interpreting that data.
>     
>     
>     >               Craig Everhart
>     >
>     >
>     >
>     > On 9/27/18, 11:32 AM, "nfsv4 on behalf of Chuck Lever" <nfsv4-bounces@ietf.org on behalf of chuck.lever@oracle.com> wrote:
>     >
>     >    The consequences of not recognizing the file provenance information
>     >    are not dire. In those cases, clients simply don't allow access to
>     >    the file's content, and the implementations are free to report to
>     >    the administrator that the FPI format is not recognized.
>     >
>     >    Would it help to state that in the draft?
>     >
>     
>     --
>     Chuck Lever
>     
>     
>     
>     
>

v2.23.0 | Report a Bug | By Email