From: Bill Sommerfeld (sommerfeld@sun.com)
Date: 11/15/04-09:23:18 PM Z
Subject: Re: [nfsv4] comments on draft-welch-pnfs-ops-00.txt
From: Bill Sommerfeld <sommerfeld@sun.com>
Message-Id: <1100285004.4711.36.camel@unknown.hamachi.org>
Date: Mon, 15 Nov 2004 22:23:18 -0500

On Thu, 2004-11-11 at 19:35, Brent Welch wrote:
> Where this affects pNFS is that the signing key needs to be returned
> from the metadata server to the client through a secure channel. We
> can use the GSS infrastructure for this, but I think it places a new
> demand on the return path.

This may just be a terminology point:

0) if you're talking about a symmetric secret-key based MIC/MAC, using
the verb "sign" will often confuse folks into thinking that you mean
public key.

1) if you're talking about a public key signature, the usual mechanism
for this sort of delegation involves the signer (the pNFS client in
this case) generating a signature keypair, and the authority (pNFS
metadata server) authorizing that key to the verifier (storage server).

2) there are other ways to delegate authority to a client besides
passing keys around which may be more robust in the face of accidental
disclosures. Signed authorizations can be revoked; shared keys might
not be so easy to change in the event that a client is compromised.

- Bill

_______________________________________________
nfsv4 mailing list
nfsv4@ietf.org
https://www1.ietf.org/mailman/listinfo/nfsv4
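The delegation pattern in points 1 and 2 of the message above, worked through as an added example. This is not code from the draft, from the nfsv4 working group, or from Bill Sommerfeld; it is an illustration written for this page. Everything about the format is assumed: Ed25519 is used for both the metadata server's and the client's signatures, the authorization is a made-up structure (serial number, expiry, file handle, client public key) with a length-prefixed encoding, the "pnfs-authz" and "pnfs-req" labels are domain-separation tags chosen here, and revocation is modelled as a per-serial deny set held by the storage server. The point it shows is the one the mail makes: the client generates its own keypair and only the public half is ever transmitted, the metadata server signs a statement authorizing that key, the storage server needs nothing but the metadata server's public key to check requests, and cutting off a compromised client is a revocation entry rather than a key change.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// Parties from the mail: the pNFS client signs requests, the metadata server (MDS)
// authorizes the client's key, the storage server verifies. Formats are made up here.

// encode length-prefixes each field so a signed byte string cannot be re-split.
func encode(fields ...[]byte) []byte {
	var b bytes.Buffer
	for _, f := range fields {
		var n [4]byte
		binary.BigEndian.PutUint32(n[:], uint32(len(f)))
		b.Write(n[:])
		b.Write(f)
	}
	return b.Bytes()
}

// GenKey is run by each party for itself; private keys are never transmitted.
func GenKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// Authorization is the MDS's signed statement that ClientPub may act on
// FileHandle until Expiry; Serial lets the verifier revoke it individually.
type Authorization struct {
	Serial, Expiry uint64
	FileHandle     []byte
	ClientPub      ed25519.PublicKey
	MDSSig         []byte
}

func (a *Authorization) tbs() []byte {
	be := binary.BigEndian
	return encode([]byte("pnfs-authz"), be.AppendUint64(nil, a.Serial), be.AppendUint64(nil, a.Expiry), a.FileHandle, a.ClientPub)
}

// Authorize (MDS side) binds a client public key to a file handle, point 1 of
// the mail: the client's private key never crosses the return path.
func Authorize(mdsPriv ed25519.PrivateKey, serial, expiry uint64, clientPub ed25519.PublicKey, fh []byte) *Authorization {
	a := &Authorization{Serial: serial, Expiry: expiry, FileHandle: fh, ClientPub: clientPub}
	a.MDSSig = ed25519.Sign(mdsPriv, a.tbs())
	return a
}

// SignRequest (client side) signs the request bound to its authorization.
func SignRequest(clientPriv ed25519.PrivateKey, a *Authorization, req []byte) []byte {
	return ed25519.Sign(clientPriv, encode([]byte("pnfs-req"), a.tbs(), req))
}

// StorageServer holds only the MDS public key and a revocation set: no shared
// secret, so a compromised client is cut off by revocation (point 2), not re-keying.
type StorageServer struct {
	MDSPub  ed25519.PublicKey
	Revoked map[uint64]bool
}

// Verify checks the MDS signature first (it is what makes the other fields
// trustworthy), then revocation, expiry, file-handle binding, and the client's signature.
func (s *StorageServer) Verify(a *Authorization, fh, req, sig []byte, now uint64) error {
	switch {
	case !ed25519.Verify(s.MDSPub, a.tbs(), a.MDSSig):
		return errors.New("authorization not signed by metadata server")
	case s.Revoked[a.Serial]:
		return errors.New("authorization revoked")
	case now > a.Expiry:
		return errors.New("authorization expired")
	case !bytes.Equal(a.FileHandle, fh):
		return errors.New("authorization is for a different file handle")
	case !ed25519.Verify(a.ClientPub, encode([]byte("pnfs-req"), a.tbs(), req), sig):
		return errors.New("request not signed by the authorized client key")
	}
	return nil
}

func main() {
	mdsPub, mdsPriv := GenKey()
	clientPub, clientPriv := GenKey()
	ds := &StorageServer{MDSPub: mdsPub, Revoked: map[uint64]bool{}}
	fh, req := []byte("fh:0x2a"), []byte("READ offset=0 len=4096") // constructed sample
	auth := Authorize(mdsPriv, 1, 1000, clientPub, fh)
	sig := SignRequest(clientPriv, auth, req)
	fmt.Println("fresh request:", ds.Verify(auth, fh, req, sig, 500))
	ds.Revoked[auth.Serial] = true
	fmt.Println("after revoke: ", ds.Verify(auth, fh, req, sig, 500))
}
```

The order of checks in Verify matters: the client public key inside the authorization is attacker-supplied until the metadata server's signature over it has been checked, so that signature is verified before the key is used for anything. The request signature covers the whole authorization, not just the request bytes, so a valid request under one authorization cannot be replayed under another. Contrast this with the shared-MAC reading of point 0: there the storage server could compute the same tag itself, and revoking a single client would mean rotating a key that several parties hold.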
This archive was generated by hypermail 2.1.2 : 03/04/05-02:13:35 AM Z CST