From: Alex Chiu (hacker@sunnet.eng.sun.com)
Date: 10/04/99-01:21:28 PM Z
Date: Mon, 4 Oct 1999 11:21:28 -0700 (PDT)
From: Alex Chiu <hacker@sunnet.eng.sun.com>
Message-Id: <199910041821.LAA07586@sunnet.eng.sun.com>
Subject: Re: Review Request: WebNFS Security Informational RFC
This draft has been updated and the pointer to the updated version is
http://playground.sun.com/pub/nfs/wnfs-sec-nego-01.txt
As Eric Werme points out that there are WebNFS implementations that
allow the public filehandle to work with NFS protocol procedures
other than LOOKUP. The updated draft documents a way for those
implementations to negotiate security information when the first
NFS request is not a LOOKUP.
Two terse paragraphs are added to the draft (Section 4, WebNFS
Security Negotiation):
In the above scenario, the first request is a regular multi-component
LOOKUP which fails with the AUTH_TOOWEAK error. The client then issues a
SNEGO-MCL request to get the security information.
There are WebNFS implementations that allow the public filehandle to work
with NFS protocol procedures other than LOOKUP. For those WebNFS
implementations, if the first request is not a regular multi-component
LOOKUP and it fails with AUTH_TOOWEAK, the client should issue a SNEGO-MCL
with
0x81 0x01 "."
as the path to get the security information.
Other minor changes include:
1. date changes:
26-March-99 ==> 4-October-99
2. Section 2, Security Negotiation Multi-component LOOKUP,
paragraph 7:
Typo: mulit-component path
^^^^^
mulit ==> multi
3. url changes in References:
http://www.internic.net/rfc/rfcxxxx.txt
to
http://www.ietf.org/rfc/rfcxxxx.txt
Alex
> From nfs4-wg-request@sunroof.eng.sun.com Wed Sep 29 11:38:06 1999
> From: Brian Pawlowski <beepy@netapp.com>
> Subject: Review Request: WebNFS Security Informational RFC
> To: nfs4-wg@sunroof.eng.sun.com (Mr. NFS V4 Protcol)
> Date: Wed, 29 Sep 1999 11:28:35 -0700 (PDT)
> MIME-Version: 1.0
> Content-Transfer-Encoding: 7bit
>
> Because of the experise of this workgroup (NFS Version 4), we were
> requested to review the informational RFC describing security
> negotiation and WebNFS.
>
> This is not an NFS Version 4 document.
>
> Please review the document and send comments directly to the authors:
>
> Alex.Chiu@eng.sun.com
> brent@eng.sun.com
> mre@eng.sun.com
>
> by Thursday, October 7, 1999. I'd like to be copied on responses.
>
> Of course, if reviewing the document triggers any comment for
> NFS Version 4 then respond to the alias.
>
> The document is brief. The URL for the document appears below. This
> material was presented Mike Eisler at the Connectathon meeting in
> March, and the slides for that talk can be found at:
>
> http://www.connectathon.org/talks99/hacker.pdf
>
> -----------------------------------------------------------------------
>
> Title: "Security Negotiation for WebNFS"
> Authors: A. Chiu, M. Eisler, B. Callaghan.
>
> Abstract:
>
> This document describes a protocol for a WebNFS client [RFC2054] to
> negotiate the desired security mechanism with a WebNFS server
> [RFC2055] before the WebNFS client falls back to the MOUNT v3
> protocol [RFC1813]. This document is provided so that people can
> write compatible implementations.
>
> http://www.ietf.org/internet-drafts/draft-chiu-network-wnfs-sec-nego-00.txt
>
>
This archive was generated by hypermail 2.1.2 : 03/04/05-01:47:41 AM Z CST