1 May 2012 06:32
Re: WG last call complete for Requirements for Labeled NFS (still needs review)
Dave Quigley <dpquigl <at> davequigley.com>
2012-05-01 04:32:21 GMT
2012-05-01 04:32:21 GMT
On 4/30/2012 2:55 AM, Spencer Shepler wrote: > We have completed the last call for the Labeled NFS. > > While this is a short document and certainly has had a lot of feedback > over its lifetime, I do not believe this particular version is ready to > forward to our AD. > > I need to have at least two reviewers for this version before I will > shepherd it forward. Given this is a requirements document and it deals > with security and it is providing a path for our NFSv4.2 work, I want it > to be ready for the broader IESG review. > > Thanks in advance for the help. > > Spencer > > > > _______________________________________________ > nfsv4 mailing list > nfsv4 <at> ietf.org > https://www.ietf.org/mailman/listinfo/nfsv4 Here are my comments come up with. Section 1 This might be splitting hairs so I leave it up to others to decide but technically Windows Vista/Windows 7 does not provide mandatory access controls. They have a mandatory integrity model but not access controls. Their access control model is squarely in the DAC category. Section 3.4 First paragraph The sentence "The opaque component consists of the label which will be interpreted by the MAC model on the other end...." That last part just reads weirdly to me. I'm not sure how to change it or if it needs to but reading over it several times it just doesn't read well to me. Section 3.5 In modes of operation we don't describe what we use to refer to a dumb mode. We have guest mode in here but I don't read anything in the section which says that the server may provide labeling without enforcing a policy and the client may still enforce policy on its end. Maybe its late and I'm missing something but I tried reading it over and couldn't find anything which would enable the use case in section 4.5 which is simple security label storage. Section 4.7 with subsections It seems weird to have such a large section describing MLS semantics. It was important when it was one of two use cases but is it still necessary? I'm ok with leaving it in but it seems out of place that we have over a full page for that one use case while everything else gets two or three paragraphs. That is all I could find. Everything else is very polished and reads well. I'm glad we were able to put together such a good document. _______________________________________________ nfsv4 mailing list nfsv4 <at> ietf.org https://www.ietf.org/mailman/listinfo/nfsv4
RSS Feed