draft-ietf-nfsv4-rfc3530bis-19.txt | draft-ietf-nfsv4-rfc3530bis-20.txt | |||
---|---|---|---|---|
NFSv4 T. Haynes, Ed. | NFSv4 T. Haynes, Ed. | |||
Internet-Draft NetApp | Internet-Draft NetApp | |||
Intended status: Standards Track D. Noveck, Ed. | Intended status: Standards Track D. Noveck, Ed. | |||
Expires: March 7, 2013 EMC | Expires: March 29, 2013 EMC | |||
September 03, 2012 | September 25, 2012 | |||
Network File System (NFS) Version 4 Protocol | Network File System (NFS) Version 4 Protocol | |||
draft-ietf-nfsv4-rfc3530bis-19.txt | draft-ietf-nfsv4-rfc3530bis-20.txt | |||
Abstract | Abstract | |||
The Network File System (NFS) version 4 is a distributed filesystem | The Network File System (NFS) version 4 is a distributed filesystem | |||
protocol which owes heritage to NFS protocol version 2, RFC 1094, and | protocol which owes heritage to NFS protocol version 2, RFC 1094, and | |||
version 3, RFC 1813. Unlike earlier versions, the NFS version 4 | version 3, RFC 1813. Unlike earlier versions, the NFS version 4 | |||
protocol supports traditional file access while integrating support | protocol supports traditional file access while integrating support | |||
for file locking and the mount protocol. In addition, support for | for file locking and the mount protocol. In addition, support for | |||
strong security (and its negotiation), compound operations, client | strong security (and its negotiation), compound operations, client | |||
caching, and internationalization have been added. Of course, | caching, and internationalization have been added. Of course, | |||
skipping to change at page 1, line 49 | skipping to change at page 1, line 49 | |||
Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
This Internet-Draft will expire on March 7, 2013. | This Internet-Draft will expire on March 29, 2013. | |||
Copyright Notice | Copyright Notice | |||
Copyright (c) 2012 IETF Trust and the persons identified as the | Copyright (c) 2012 IETF Trust and the persons identified as the | |||
document authors. All rights reserved. | document authors. All rights reserved. | |||
This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
(http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
publication of this document. Please review these documents | publication of this document. Please review these documents | |||
skipping to change at page 53, line 40 | skipping to change at page 53, line 40 | |||
(ACEs) that are associated with the file system object. Although the | (ACEs) that are associated with the file system object. Although the | |||
client can read and write the acl attribute, the server is | client can read and write the acl attribute, the server is | |||
responsible for using the ACL to perform access control. The client | responsible for using the ACL to perform access control. The client | |||
can use the OPEN or ACCESS operations to check access without | can use the OPEN or ACCESS operations to check access without | |||
modifying or reading data or metadata. | modifying or reading data or metadata. | |||
The NFS ACE structure is defined as follows: | The NFS ACE structure is defined as follows: | |||
typedef uint32_t acetype4; | typedef uint32_t acetype4; | |||
typedef uint32_t aceflag4; | typedef uint32_t aceflag4; | |||
typedef uint32_t acemask4; | typedef uint32_t acemask4; | |||
struct nfsace4 { | struct nfsace4 { | |||
acetype4 type; | acetype4 type; | |||
aceflag4 flag; | aceflag4 flag; | |||
acemask4 access_mask; | acemask4 access_mask; | |||
utf8val_REQUIRED4 who; | utf8val_REQUIRED4 who; | |||
}; | }; | |||
To determine if a request succeeds, the server processes each nfsace4 | To determine if a request succeeds, the server processes each nfsace4 | |||
skipping to change at page 211, line 40 | skipping to change at page 211, line 40 | |||
| | NFS4ERR_BAD_SEQID, NFS4ERR_BAD_STATEID, | | | | NFS4ERR_BAD_SEQID, NFS4ERR_BAD_STATEID, | | |||
| | NFS4ERR_BADXDR, NFS4ERR_DELAY, | | | | NFS4ERR_BADXDR, NFS4ERR_DELAY, | | |||
| | NFS4ERR_EXPIRED, NFS4ERR_FHEXPIRED, | | | | NFS4ERR_EXPIRED, NFS4ERR_FHEXPIRED, | | |||
| | NFS4ERR_INVAL, NFS4ERR_ISDIR, | | | | NFS4ERR_INVAL, NFS4ERR_ISDIR, | | |||
| | NFS4ERR_LEASE_MOVED, NFS4ERR_LOCKS_HELD, | | | | NFS4ERR_LEASE_MOVED, NFS4ERR_LOCKS_HELD, | | |||
| | NFS4ERR_MOVED, NFS4ERR_NOFILEHANDLE, | | | | NFS4ERR_MOVED, NFS4ERR_NOFILEHANDLE, | | |||
| | NFS4ERR_OLD_STATEID, NFS4ERR_RESOURCE, | | | | NFS4ERR_OLD_STATEID, NFS4ERR_RESOURCE, | | |||
| | NFS4ERR_SERVERFAULT, NFS4ERR_STALE, | | | | NFS4ERR_SERVERFAULT, NFS4ERR_STALE, | | |||
| | NFS4ERR_STALE_STATEID | | | | NFS4ERR_STALE_STATEID | | |||
| COMMIT | NFS4ERR_ACCESS, NFS4ERR_BADHANDLE, | | | COMMIT | NFS4ERR_ACCESS, NFS4ERR_BADHANDLE, | | |||
| | NFS4ERR_BADXDR, NFS4ERR_FHEXPIRED, | | | | NFS4ERR_BADXDR, NFS4ERR_DELAY, | | |||
| | NFS4ERR_INVAL, NFS4ERR_IO, NFS4ERR_ISDIR, | | | | NFS4ERR_FHEXPIRED, NFS4ERR_INVAL, | | |||
| | NFS4ERR_MOVED, NFS4ERR_NOFILEHANDLE, | | | | NFS4ERR_IO, NFS4ERR_ISDIR, NFS4ERR_MOVED, | | |||
| | NFS4ERR_RESOURCE, NFS4ERR_ROFS, | | | | NFS4ERR_NOFILEHANDLE, NFS4ERR_RESOURCE, | | |||
| | NFS4ERR_SERVERFAULT, NFS4ERR_STALE, | | | | NFS4ERR_ROFS, NFS4ERR_SERVERFAULT, | | |||
| | NFS4ERR_SYMLINK | | | | NFS4ERR_STALE, NFS4ERR_SYMLINK | | |||
| CREATE | NFS4ERR_ACCESS, NFS4ERR_ATTRNOTSUPP, | | | CREATE | NFS4ERR_ACCESS, NFS4ERR_ATTRNOTSUPP, | | |||
| | NFS4ERR_BADCHAR, NFS4ERR_BADHANDLE, | | | | NFS4ERR_BADCHAR, NFS4ERR_BADHANDLE, | | |||
| | NFS4ERR_BADNAME, NFS4ERR_BADOWNER, | | | | NFS4ERR_BADNAME, NFS4ERR_BADOWNER, | | |||
| | NFS4ERR_BADTYPE, NFS4ERR_BADXDR, | | | | NFS4ERR_BADTYPE, NFS4ERR_BADXDR, | | |||
| | NFS4ERR_DELAY, NFS4ERR_DQUOT, | | | | NFS4ERR_DELAY, NFS4ERR_DQUOT, | | |||
| | NFS4ERR_EXIST, NFS4ERR_FHEXPIRED, | | | | NFS4ERR_EXIST, NFS4ERR_FHEXPIRED, | | |||
| | NFS4ERR_INVAL, NFS4ERR_IO, NFS4ERR_MOVED, | | | | NFS4ERR_INVAL, NFS4ERR_IO, NFS4ERR_MOVED, | | |||
| | NFS4ERR_NAMETOOLONG, NFS4ERR_NOFILEHANDLE, | | | | NFS4ERR_NAMETOOLONG, NFS4ERR_NOFILEHANDLE, | | |||
| | NFS4ERR_NOSPC, NFS4ERR_NOTDIR, | | | | NFS4ERR_NOSPC, NFS4ERR_NOTDIR, | | |||
| | NFS4ERR_PERM, NFS4ERR_RESOURCE, | | | | NFS4ERR_PERM, NFS4ERR_RESOURCE, | | |||
| | NFS4ERR_ROFS, NFS4ERR_SERVERFAULT, | | | | NFS4ERR_ROFS, NFS4ERR_SERVERFAULT, | | |||
| | NFS4ERR_STALE | | | | NFS4ERR_STALE | | |||
| DELEGPURGE | NFS4ERR_BADXDR, NFS4ERR_NOTSUPP, | | | DELEGPURGE | NFS4ERR_BADXDR, NFS4ERR_DELAY, | | |||
| | NFS4ERR_LEASE_MOVED, NFS4ERR_RESOURCE, | | | | NFS4ERR_NOTSUPP, NFS4ERR_LEASE_MOVED, | | |||
| | NFS4ERR_SERVERFAULT, NFS4ERR_STALE_CLIENTID | | ||||
| DELEGRETURN | NFS4ERR_ADMIN_REVOKED, NFS4ERR_BAD_STATEID, | | ||||
| | NFS4ERR_BADXDR, NFS4ERR_EXPIRED, | | ||||
| | NFS4ERR_INVAL, NFS4ERR_LEASE_MOVED, | | ||||
| | NFS4ERR_MOVED, NFS4ERR_NOFILEHANDLE, | | ||||
| | NFS4ERR_NOTSUPP, NFS4ERR_OLD_STATEID, | | ||||
| | NFS4ERR_RESOURCE, NFS4ERR_SERVERFAULT, | | | | NFS4ERR_RESOURCE, NFS4ERR_SERVERFAULT, | | |||
| | NFS4ERR_STALE, NFS4ERR_STALE_STATEID | | | | NFS4ERR_STALE_CLIENTID | | |||
| DELEGRETURN | NFS4ERR_ADMIN_REVOKED, NFS4ERR_BAD_STATEID, | | ||||
| | NFS4ERR_BADXDR, NFS4ERR_DELAY, | | ||||
| | NFS4ERR_EXPIRED, NFS4ERR_INVAL, | | ||||
| | NFS4ERR_LEASE_MOVED, NFS4ERR_MOVED, | | ||||
| | NFS4ERR_NOFILEHANDLE, NFS4ERR_NOTSUPP, | | ||||
| | NFS4ERR_OLD_STATEID, NFS4ERR_RESOURCE, | | ||||
| | NFS4ERR_SERVERFAULT, NFS4ERR_STALE, | | ||||
| | NFS4ERR_STALE_STATEID | | ||||
| GETATTR | NFS4ERR_ACCESS, NFS4ERR_BADHANDLE, | | | GETATTR | NFS4ERR_ACCESS, NFS4ERR_BADHANDLE, | | |||
| | NFS4ERR_BADXDR, NFS4ERR_DELAY, | | | | NFS4ERR_BADXDR, NFS4ERR_DELAY, | | |||
| | NFS4ERR_FHEXPIRED, NFS4ERR_GRACE, | | | | NFS4ERR_FHEXPIRED, NFS4ERR_GRACE, | | |||
| | NFS4ERR_INVAL, NFS4ERR_IO, NFS4ERR_MOVED, | | | | NFS4ERR_INVAL, NFS4ERR_IO, NFS4ERR_MOVED, | | |||
| | NFS4ERR_NOFILEHANDLE, NFS4ERR_RESOURCE, | | | | NFS4ERR_NOFILEHANDLE, NFS4ERR_RESOURCE, | | |||
| | NFS4ERR_SERVERFAULT, NFS4ERR_STALE | | | | NFS4ERR_SERVERFAULT, NFS4ERR_STALE | | |||
| GETFH | NFS4ERR_BADHANDLE, NFS4ERR_FHEXPIRED, | | | GETFH | NFS4ERR_BADHANDLE, NFS4ERR_FHEXPIRED, | | |||
| | NFS4ERR_MOVED, NFS4ERR_NOFILEHANDLE, | | | | NFS4ERR_MOVED, NFS4ERR_NOFILEHANDLE, | | |||
| | NFS4ERR_RESOURCE, NFS4ERR_SERVERFAULT, | | | | NFS4ERR_RESOURCE, NFS4ERR_SERVERFAULT, | | |||
| | NFS4ERR_STALE | | | | NFS4ERR_STALE | | |||
skipping to change at page 213, line 32 | skipping to change at page 213, line 32 | |||
| | NFS4ERR_DELAY, NFS4ERR_DENIED, | | | | NFS4ERR_DELAY, NFS4ERR_DENIED, | | |||
| | NFS4ERR_FHEXPIRED, NFS4ERR_GRACE, | | | | NFS4ERR_FHEXPIRED, NFS4ERR_GRACE, | | |||
| | NFS4ERR_INVAL, NFS4ERR_ISDIR, | | | | NFS4ERR_INVAL, NFS4ERR_ISDIR, | | |||
| | NFS4ERR_LEASE_MOVED, NFS4ERR_LOCK_RANGE, | | | | NFS4ERR_LEASE_MOVED, NFS4ERR_LOCK_RANGE, | | |||
| | NFS4ERR_MOVED, NFS4ERR_NOFILEHANDLE, | | | | NFS4ERR_MOVED, NFS4ERR_NOFILEHANDLE, | | |||
| | NFS4ERR_RESOURCE, NFS4ERR_SERVERFAULT, | | | | NFS4ERR_RESOURCE, NFS4ERR_SERVERFAULT, | | |||
| | NFS4ERR_STALE, NFS4ERR_STALE_CLIENTID | | | | NFS4ERR_STALE, NFS4ERR_STALE_CLIENTID | | |||
| LOCKU | NFS4ERR_ACCESS, NFS4ERR_ADMIN_REVOKED, | | | LOCKU | NFS4ERR_ACCESS, NFS4ERR_ADMIN_REVOKED, | | |||
| | NFS4ERR_BADHANDLE, NFS4ERR_BAD_RANGE, | | | | NFS4ERR_BADHANDLE, NFS4ERR_BAD_RANGE, | | |||
| | NFS4ERR_BAD_SEQID, NFS4ERR_BAD_STATEID, | | | | NFS4ERR_BAD_SEQID, NFS4ERR_BAD_STATEID, | | |||
| | NFS4ERR_BADXDR, NFS4ERR_EXPIRED, | | | | NFS4ERR_BADXDR, NFS4ERR_DELAY, | | |||
| | NFS4ERR_FHEXPIRED, NFS4ERR_GRACE, | | | | NFS4ERR_EXPIRED, NFS4ERR_FHEXPIRED, | | |||
| | NFS4ERR_INVAL, NFS4ERR_ISDIR, | | | | NFS4ERR_GRACE, NFS4ERR_INVAL, | | |||
| | NFS4ERR_LEASE_MOVED, NFS4ERR_LOCK_RANGE, | | | | NFS4ERR_ISDIR, NFS4ERR_LEASE_MOVED, | | |||
| | NFS4ERR_MOVED, NFS4ERR_NOFILEHANDLE, | | | | NFS4ERR_LOCK_RANGE, NFS4ERR_MOVED, | | |||
| | NFS4ERR_OLD_STATEID, NFS4ERR_RESOURCE, | | | | NFS4ERR_NOFILEHANDLE, NFS4ERR_OLD_STATEID, | | |||
| | NFS4ERR_SERVERFAULT, NFS4ERR_STALE, | | | | NFS4ERR_RESOURCE, NFS4ERR_SERVERFAULT, | | |||
| | NFS4ERR_STALE_STATEID | | | | NFS4ERR_STALE, NFS4ERR_STALE_STATEID | | |||
| LOOKUP | NFS4ERR_ACCESS, NFS4ERR_BADCHAR, | | | LOOKUP | NFS4ERR_ACCESS, NFS4ERR_BADCHAR, | | |||
| | NFS4ERR_BADHANDLE, NFS4ERR_BADNAME, | | | | NFS4ERR_BADHANDLE, NFS4ERR_BADNAME, | | |||
| | NFS4ERR_BADXDR, NFS4ERR_FHEXPIRED, | | | | NFS4ERR_BADXDR, NFS4ERR_DELAY, | | |||
| | NFS4ERR_INVAL, NFS4ERR_IO, NFS4ERR_MOVED, | | | | NFS4ERR_FHEXPIRED, NFS4ERR_INVAL, | | |||
| | NFS4ERR_IO, NFS4ERR_MOVED, | | ||||
| | NFS4ERR_NAMETOOLONG, NFS4ERR_NOENT, | | | | NFS4ERR_NAMETOOLONG, NFS4ERR_NOENT, | | |||
| | NFS4ERR_NOFILEHANDLE, NFS4ERR_NOTDIR, | | | | NFS4ERR_NOFILEHANDLE, NFS4ERR_NOTDIR, | | |||
| | NFS4ERR_RESOURCE, NFS4ERR_SERVERFAULT, | | | | NFS4ERR_RESOURCE, NFS4ERR_SERVERFAULT, | | |||
| | NFS4ERR_STALE, NFS4ERR_SYMLINK, | | | | NFS4ERR_STALE, NFS4ERR_SYMLINK, | | |||
| | NFS4ERR_WRONGSEC | | | | NFS4ERR_WRONGSEC | | |||
| LOOKUPP | NFS4ERR_ACCESS, NFS4ERR_BADHANDLE, | | | LOOKUPP | NFS4ERR_ACCESS, NFS4ERR_BADHANDLE, | | |||
| | NFS4ERR_DELAY, NFS4ERR_FHEXPIRED, | | | | NFS4ERR_DELAY, NFS4ERR_FHEXPIRED, | | |||
| | NFS4ERR_IO, NFS4ERR_MOVED, NFS4ERR_NOENT, | | | | NFS4ERR_IO, NFS4ERR_MOVED, NFS4ERR_NOENT, | | |||
| | NFS4ERR_NOFILEHANDLE, NFS4ERR_NOTDIR, | | | | NFS4ERR_NOFILEHANDLE, NFS4ERR_NOTDIR, | | |||
| | NFS4ERR_RESOURCE, NFS4ERR_SERVERFAULT, | | | | NFS4ERR_RESOURCE, NFS4ERR_SERVERFAULT, | | |||
skipping to change at page 220, line 5 | skipping to change at page 220, line 5 | |||
| NFS4ERR_BAD_RANGE | LOCK, LOCKT, LOCKU | | | NFS4ERR_BAD_RANGE | LOCK, LOCKT, LOCKU | | |||
| NFS4ERR_BAD_SEQID | CLOSE, LOCK, LOCKU, OPEN, | | | NFS4ERR_BAD_SEQID | CLOSE, LOCK, LOCKU, OPEN, | | |||
| | OPEN_CONFIRM, OPEN_DOWNGRADE | | | | OPEN_CONFIRM, OPEN_DOWNGRADE | | |||
| NFS4ERR_BAD_STATEID | CB_RECALL, CLOSE, DELEGRETURN, LOCK, | | | NFS4ERR_BAD_STATEID | CB_RECALL, CLOSE, DELEGRETURN, LOCK, | | |||
| | LOCKU, OPEN, OPEN_CONFIRM, | | | | LOCKU, OPEN, OPEN_CONFIRM, | | |||
| | OPEN_DOWNGRADE, READ, SETATTR, WRITE | | | | OPEN_DOWNGRADE, READ, SETATTR, WRITE | | |||
| NFS4ERR_CB_PATH_DOWN | RENEW | | | NFS4ERR_CB_PATH_DOWN | RENEW | | |||
| NFS4ERR_CLID_INUSE | SETCLIENTID, SETCLIENTID_CONFIRM | | | NFS4ERR_CLID_INUSE | SETCLIENTID, SETCLIENTID_CONFIRM | | |||
| NFS4ERR_DEADLOCK | LOCK | | | NFS4ERR_DEADLOCK | LOCK | | |||
| NFS4ERR_DELAY | ACCESS, CB_GETATTR, CB_RECALL, CLOSE, | | | NFS4ERR_DELAY | ACCESS, CB_GETATTR, CB_RECALL, CLOSE, | | |||
| | CREATE, GETATTR, LINK, LOCK, LOCKT, | | | | COMMIT, CREATE, DELEGPURGE, | | |||
| | LOOKUPP, NVERIFY, OPEN, OPENATTR, | | | | DELEGRETURN, GETATTR, LINK, LOCK, | | |||
| | LOCKT, LOCKU, LOOKUP, LOOKUPP, | | ||||
| | NVERIFY, OPEN, OPENATTR, | | ||||
| | OPEN_DOWNGRADE, PUTFH, PUTPUBFH, | | | | OPEN_DOWNGRADE, PUTFH, PUTPUBFH, | | |||
| | PUTROOTFH, READ, READDIR, READLINK, | | | | PUTROOTFH, READ, READDIR, READLINK, | | |||
| | REMOVE, RENAME, SECINFO, SETATTR, | | | | REMOVE, RENAME, SECINFO, SETATTR, | | |||
| | SETCLIENTID, SETCLIENTID_CONFIRM, | | | | SETCLIENTID, SETCLIENTID_CONFIRM, | | |||
| | VERIFY, WRITE | | | | VERIFY, WRITE | | |||
| NFS4ERR_DENIED | LOCK, LOCKT | | | NFS4ERR_DENIED | LOCK, LOCKT | | |||
| NFS4ERR_DQUOT | CREATE, LINK, OPEN, OPENATTR, RENAME, | | | NFS4ERR_DQUOT | CREATE, LINK, OPEN, OPENATTR, RENAME, | | |||
| | SETATTR, WRITE | | | | SETATTR, WRITE | | |||
| NFS4ERR_EXIST | CREATE, LINK, OPEN, RENAME | | | NFS4ERR_EXIST | CREATE, LINK, OPEN, RENAME | | |||
| NFS4ERR_EXPIRED | CLOSE, DELEGRETURN, LOCK, LOCKU, OPEN, | | | NFS4ERR_EXPIRED | CLOSE, DELEGRETURN, LOCK, LOCKU, OPEN, | | |||
skipping to change at page 314, line 6 | skipping to change at page 314, line 6 | |||
implement and simple to deploy and use, it is certainly not a safe | implement and simple to deploy and use, it is certainly not a safe | |||
model. Thus, NFSv4 mandates that implementations support a security | model. Thus, NFSv4 mandates that implementations support a security | |||
model that uses end to end authentication, where an end-user on a | model that uses end to end authentication, where an end-user on a | |||
client mutually authenticates (via cryptographic schemes that do not | client mutually authenticates (via cryptographic schemes that do not | |||
expose passwords or keys in the clear on the network) to a principal | expose passwords or keys in the clear on the network) to a principal | |||
on an NFS server. Consideration should also be given to the | on an NFS server. Consideration should also be given to the | |||
integrity and privacy of NFS requests and responses. The issues of | integrity and privacy of NFS requests and responses. The issues of | |||
end to end mutual authentication, integrity, and privacy are | end to end mutual authentication, integrity, and privacy are | |||
discussed as part of Section 3. | discussed as part of Section 3. | |||
Note that while NFSv4 mandates an end to end mutual authentication | When an NFSv4 mandated security model is used and a security | |||
model, the "classic" model of machine authentication via IP address | principal or an NFSv4 name in user@dns_domain form needs to be | |||
checking and AUTH_SYS identification can still be supported with the | translated to or from a local representation as described in | |||
caveat that the AUTH_SYS flavor is neither MANDATORY nor RECOMMENDED | Section 5.9, the translation SHOULD be done in a secure manner that | |||
by this specification, and so interoperability via AUTH_SYS is not | preserves the integrity of the translation. For communication with a | |||
assured. | name service such as LDAP ([41]), this means employing a security | |||
service that uses authentication and data integrity. Kerberos and | ||||
TLS ([42]) are examples of such a security service. | ||||
Note that being REQUIRED to implement does not mean REQUIRED to use; | ||||
AUTH_SYS can be used by NFSv4 clients and servers. However, AUTH_SYS | ||||
is merely an OPTIONAL security flavor in NFSv4, and so | ||||
interoperability via AUTH_SYS is not assured. | ||||
For reasons of reduced administration overhead, better performance | For reasons of reduced administration overhead, better performance | |||
and/or reduction of CPU utilization, users of NFSv4 implementations | and/or reduction of CPU utilization, users of NFSv4 implementations | |||
may choose to not use security mechanisms that enable integrity | may choose to not use security mechanisms that enable integrity | |||
protection on each remote procedure call and response. The use of | protection on each remote procedure call and response. The use of | |||
mechanisms without integrity leaves the customer vulnerable to an | mechanisms without integrity leaves the customer vulnerable to an | |||
attacker in between the NFS client and server that modifies the RPC | attacker in between the NFS client and server that modifies the RPC | |||
request and/or the response. While implementations are free to | request and/or the response. While implementations are free to | |||
provide the option to use weaker security mechanisms, there are two | provide the option to use weaker security mechanisms, there are two | |||
operations in particular that warrant the implementation overriding | operations in particular that warrant the implementation overriding | |||
skipping to change at page 315, line 7 | skipping to change at page 315, line 10 | |||
server controlled by the attacker. | server controlled by the attacker. | |||
Because the operations SETCLIENTID/SETCLIENTID_CONFIRM are | Because the operations SETCLIENTID/SETCLIENTID_CONFIRM are | |||
responsible for the release of client state, it is imperative that | responsible for the release of client state, it is imperative that | |||
the principal used for these operations is checked against and match | the principal used for these operations is checked against and match | |||
the previous use of these operations. See Section 9.1.1 for further | the previous use of these operations. See Section 9.1.1 for further | |||
discussion. | discussion. | |||
18. IANA Considerations | 18. IANA Considerations | |||
This section uses terms that are defined in [41]. | This section uses terms that are defined in [43]. | |||
18.1. Named Attribute Definitions | 18.1. Named Attribute Definitions | |||
IANA will create a registry called the "NFSv4 Named Attribute | IANA will create a registry called the "NFSv4 Named Attribute | |||
Definitions Registry". | Definitions Registry". | |||
The NFSv4 protocol supports the association of a file with zero or | The NFSv4 protocol supports the association of a file with zero or | |||
more named attributes. The name space identifiers for these | more named attributes. The name space identifiers for these | |||
attributes are defined as string names. The protocol does not define | attributes are defined as string names. The protocol does not define | |||
the specific assignment of the name space for these file attributes. | the specific assignment of the name space for these file attributes. | |||
skipping to change at page 315, line 30 | skipping to change at page 315, line 33 | |||
attributes as needed, they are encouraged to register the attributes | attributes as needed, they are encouraged to register the attributes | |||
with IANA. | with IANA. | |||
Such registered named attributes are presumed to apply to all minor | Such registered named attributes are presumed to apply to all minor | |||
versions of NFSv4, including those defined subsequently to the | versions of NFSv4, including those defined subsequently to the | |||
registration. Where the named attribute is intended to be limited | registration. Where the named attribute is intended to be limited | |||
with regard to the minor versions for which they are not be used, the | with regard to the minor versions for which they are not be used, the | |||
assignment in registry will clearly state the applicable limits. | assignment in registry will clearly state the applicable limits. | |||
All assignments to the registry are made on a First Come First Served | All assignments to the registry are made on a First Come First Served | |||
basis, per section 4.1 of [41]. The policy for each assignment is | basis, per section 4.1 of [43]. The policy for each assignment is | |||
Specification Required, per section 4.1 of [41]. | Specification Required, per section 4.1 of [43]. | |||
Under the NFSv4 specification, the name of a named attribute can in | Under the NFSv4 specification, the name of a named attribute can in | |||
theory be up to 2^32 - 1 bytes in length, but in practice NFSv4 | theory be up to 2^32 - 1 bytes in length, but in practice NFSv4 | |||
clients and servers will be unable to a handle string that long. | clients and servers will be unable to a handle string that long. | |||
IANA should reject any assignment request with a named attribute that | IANA should reject any assignment request with a named attribute that | |||
exceeds 128 UTF-8 characters. To give IESG the flexibility to set up | exceeds 128 UTF-8 characters. To give IESG the flexibility to set up | |||
bases of assignment of Experimental Use and Standards Action, the | bases of assignment of Experimental Use and Standards Action, the | |||
prefixes of "EXPE" and "STDS" are Reserved. The zero length named | prefixes of "EXPE" and "STDS" are Reserved. The zero length named | |||
attribute name is Reserved. | attribute name is Reserved. | |||
skipping to change at page 319, line 33 | skipping to change at page 319, line 39 | |||
[38] Callaghan, B., "NFS URL Scheme", RFC 2224, October 1997. | [38] Callaghan, B., "NFS URL Scheme", RFC 2224, October 1997. | |||
[39] Chiu, A., Eisler, M., and B. Callaghan, "Security Negotiation | [39] Chiu, A., Eisler, M., and B. Callaghan, "Security Negotiation | |||
for WebNFS", RFC 2755, January 2000. | for WebNFS", RFC 2755, January 2000. | |||
[40] The Open Group, "Section 'unlink()' of System Interfaces of The | [40] The Open Group, "Section 'unlink()' of System Interfaces of The | |||
Open Group Base Specifications Issue 6 IEEE Std 1003.1, 2004 | Open Group Base Specifications Issue 6 IEEE Std 1003.1, 2004 | |||
Edition, HTML Version (www.opengroup.org), ISBN 1931624232", | Edition, HTML Version (www.opengroup.org), ISBN 1931624232", | |||
2004. | 2004. | |||
[41] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA | [41] Sermersheim, J., "Lightweight Directory Access Protocol (LDAP): | |||
The Protocol", RFC 4511, June 2006. | ||||
[42] Dierks, T. and E. Rescorla, "The Transport Layer Security (TLS) | ||||
Protocol Version 1.2", RFC 5246, August 2008. | ||||
[43] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA | ||||
Considerations Section in RFCs", BCP 26, RFC 5226, May 2008. | Considerations Section in RFCs", BCP 26, RFC 5226, May 2008. | |||
Appendix A. Acknowledgments | Appendix A. Acknowledgments | |||
A bis is certainly built on the shoulders of the first attempt. | A bis is certainly built on the shoulders of the first attempt. | |||
Spencer Shepler, Brent Callaghan, David Robinson, Robert Thurlow, | Spencer Shepler, Brent Callaghan, David Robinson, Robert Thurlow, | |||
Carl Beame, Mike Eisler, and David Noveck are responsible for a great | Carl Beame, Mike Eisler, and David Noveck are responsible for a great | |||
deal of the effort in this work. | deal of the effort in this work. | |||
Rob Thurlow clarified how a client should contact a new server if a | Rob Thurlow clarified how a client should contact a new server if a | |||
End of changes. 14 change blocks. | ||||
42 lines changed or deleted | 60 lines changed or added | |||
This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ |