MINUTES [nfsv4]
72nd IETF July 27 - August 1 2008; Dublin, Ireland

=== Agenda Bash

Minutes from NFS V4 Meeting

Reviewed agenda and Note Well and Blue Sheets...

=== Doc review

Minor details need cleanup for normative references in RDMA draft, to close IANA issue. Lars suggested the RPC/RDMA I-D can define the registry and contents and when RFC 1833 is updated, it can be formally specified there. We are leaning to putting it in the RDMA draft as 1831 is not in the right place. It is a very simple update that can occur during the final RFC editor updates.

Michelle Cotton (IANA) and Lars want separate short doc with only IANA considerations - to move doc faster. Which is okay with us - Mike Eisler to tackle?

Top three (two in RFC Editor), RDMA is resolved with IANA consideration. Remaining docs end of business Tuesday.

RPC/RDMA map id program number is allocated and is registered.

NETID registry approach resolved with IANA to a small document.

Spencer sent out a list of all the RPC numbers and RPC authentication flavor numbers - ready for transfer to IANA.

Status from Lars

Lars - good news is all the drafts we have are ready. One publication request is for RPCSEC draft this morning.

Minor version 1 is massive, needs a really long IETF last call. Two months IETF last call recommended. We'll notify IESG to start reviewing simultaneously. Middle August to Middle October - then to IESG, longer. I don't expect to be approved before Minneapolis. Will be with IESG issues. Minneapolis can be used to talk to IESG.

We used XML to produce, will make it easier to publish. Let's meet RFC Editor and show them what we want. We can combine to one XML at end as needed.

Smaller docs can progress and be complete by Minneapolis.

If we do a 4.0bis - work from RFC Editor draft.

Lars would like us to move 4.1 forward with interop report against new RFC number. We will add this to new charter. All MUSTs must be implemented in the interoperability report.
Can we do the federation work as a separate doc - we don't want to break any more IETF records.

beepy needs two months to work external reviewers for large doc.

Block and object related documents can go on two week cycle. Will start a bit after 4.1 proper. Automatic staggering of documents because Lars is going sailing...

4.1 spec will be sent last call in August, remaining docs (blocks and objects and RPC).

=== MAC Labelling - Dave Quigley

NFS V4 doesn't support MAC labelling. Request from SELinux to. Proposal to provide secure labeling functionality for NFS V4. Support MAC Model and Policy flexibility.

FMAC project with OpenSolaris. Labelling work in BSD already. Interoperability.

Recommendation: Add attribute as an opaque blob. Named attributes don't cut it - need to provide structure.

Nico and Dave have problem with previous proposal for process labelling. Instead would like to bind to RPC session. (See slides for more details.)

Kerberos only creates session tickets on user id - need per process Kerberos ID, is this possible?

Julian Satran - why do you have to tie a process label to a session?

AI: Credential like in object store mapping. Julian Satran and Quigley to talk in a follow up conversation.

Label translation mechanism. Security policy needs flexibility (???) - Julian wants a non-opaque ID.

AI: Opaque vs. non-opaque field needs to be taken to mail list.

Need a better description of how the Operating Guest Mode may be problematic in IETF from a security perspective.

Path to standardization... Some work happening in PKCS. Get a meeting with security and NFS people together... Short document that ripples through NFS 800 page doc and several hundred page KITTEN doc, and Kerberos working group. Nico has to pick up and review the doc.

WebDAV people were looking at this - but is structured very differently - we should glance at WebDAV approach to make sure there is nothing there to worry about. RFC posted on WebDAV implemented.
=== Federated File System, Theresa Raj and Amy Weaver

Multivendor working group. Federation is to provide a heterogeneous uniform name space. Theresa covered nomenclature to lay groundwork for protocol. Gave status on drafts...

NSDB currently based on LDAP - may have extensibility issues.

Proposal to add to the V4 charter.

Julian Satran raised valid point that this protocol extension provides the mechanism but NOT the policy for a single global name space ala AFS. beepy observed AFS was a single implementation that enforced policy. beepy recommended in consultation with Lars at least an informational specification describing policy. We need IANA registration of name space heads? I wonder. That said - if we can enforce uniform name space policy, then we should.

Lars suggests we get LDAP experts to review usage for NSDB. Apps review mailing list to review LDAP usage.

Root definition. Looking at DNS SRV records for discovery and configuration. RFID global directory problem - ... /nfs...iana Use DNS root names for orgs for internet file access application.

=== Beyond NFS V4.1, Eisler

Metadata intensive workloads - LOOKUPs, OPENs, and READDIRs. Delegation alone not sufficient. Extend pNFS to support parallel metadata servers.

Client work needed on fileset movement tracking in support of federations.

Hole punching operation for use by hypervisors. Julian questions whether this is a big win... Maintaining end-to-end dense data representation...

QoS and MAC Labelling and End-to-End Data Integrity...

Noveck asks whether we have to have a charter item for low level items. Lars says IETF is more into layered charter approach, charter items can be added at any point on WG consensus and AD consent to add work to group.

Charter text for Federated work, write charter text and work items and milestones to list...

End-to-end integrity... who owns... approach Sun? IBM will help. Julian and beepy to follow up.

Lisa Dusseault... application area advisor listed on charter...