[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [nfsv4] FedFS Meeting Minutes, 10/22/2009

To: James Lentini <jlentini at netapp.com>
Subject: Re: [nfsv4] FedFS Meeting Minutes, 10/22/2009
From: Nicolas Williams <Nicolas.Williams at sun.com>
Date: Thu, 22 Oct 2009 15:40:26 -0500
Cc: nfsv4 at ietf.org
Delivered-to: nfsv4 at core3.amsl.com
In-reply-to: <alpine.LFD.2.00.0910221619550.11932 at jlentini-linux.nane.netapp.com>
List-archive: <http://www.ietf.org/mail-archive/web/nfsv4>
List-help: <mailto:nfsv4-request@ietf.org?subject=help>
List-id: NFSv4 Working Group <nfsv4.ietf.org>
List-post: <mailto:nfsv4@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
References: <alpine.LFD.2.00.0910221439290.11932 at jlentini-linux.nane.netapp.com> <20091022192113.GV892 at Sun.COM> <alpine.LFD.2.00.0910221619550.11932 at jlentini-linux.nane.netapp.com>
User-agent: Mutt/1.5.7i

On Thu, Oct 22, 2009 at 04:28:14PM -0400, James Lentini wrote:
> On Thu, 22 Oct 2009, Nicolas Williams wrote:
> > Comments:
> > 
> >  - I'm glad to see the schema using Integer syntax more, and
> >    fedfsNfsInfo gone.
> > 
> >  - Have we reached a consensus on path encoding?
> 
> The plan is to consider this format (and others that people would like 
> to writeup and propose) between now and mid-November and resolve this 
> question with the mid-November draft update.

OK.

> >  - Extensions to the ADMIN protocol for passing NSDB self-signed certs
> >    and/or TAs should be quite trivial: an array (<>) of opaque, each
> >    array element containing a TA in the format that PKIX WG is working
> >    on, and an array (<>) of {NSDB server hostname, opaque cert} in the
> >    create junction and lookup FSN RPCs.
> 
> Including this in the ADMIN protocol is one option. In that approach, 
> I see advantages to creating a separate procedure(s) for managing the 
> TAs. This would allow the TA management operations to be performed 
> independently of the filesystem operations.

Indeed, separate procedures for TA mgmt sounds right.  They should be
OPTIONAL to implement (if not implemented the procedures should return
an error).

An error code would be needed by which the server could say "I couldn't
authenticat the NSDB" at junction-add time.

Speaking of errors, the server should try to resolve FSNs immediately
upon junction creation, and there should be a procedure for getting a
list of FSNs/FSLs that have been unresolvable "lately", as well as
FSN/FSL resolution error counts/stats.  The recent error list/stats part
seems particularly useful: there must be a way to diagnose such
failures, and without a protocol for it the diagnostic procedures will
be vendor-specific.

> Another option to investigate is TAMP.

Yes, but I suspect that the above approach is more likely to work well
for the simple reason that it's more light-weight because it's more
ad-hoc.

Nico
--

Follow-Ups:
- Re: [nfsv4] FedFS Meeting Minutes, 10/22/2009
  - From: James Lentini

References:
- [nfsv4] FedFS Meeting Minutes, 10/22/2009
  - From: James Lentini
- Re: [nfsv4] FedFS Meeting Minutes, 10/22/2009
  - From: Nicolas Williams
- Re: [nfsv4] FedFS Meeting Minutes, 10/22/2009
  - From: James Lentini

Prev by Date: Re: [nfsv4] FedFS Meeting Minutes, 10/22/2009
Next by Date: Re: [nfsv4] FedFS Meeting Minutes, 10/22/2009
Previous by thread: Re: [nfsv4] FedFS Meeting Minutes, 10/22/2009
Next by thread: Re: [nfsv4] FedFS Meeting Minutes, 10/22/2009
Index(es):
- Date
- Thread