Nicolas Williams wrote: > I finally wrote an [individual submission] Internet-Draft for dealing > with process security labels in NFSv4 (and other ONC RPC protocols): > > http://www.ietf.org/internet-drafts/draft-williams-rpcsecgssv3-00.txt > > The goal is to get the IETF NFSv4 WG to take on the work. If the WG > takes this on I'll need an editor and/or co-author to see this through > to publication as an RFC. > > In the meantime, review from the OpenSolaris security community would be > useful. Comments specific to OpenSolaris should be made on this list, > while general comments should probably be made on the IETF NFSv4 WG list > (nfsv4 at ietf.org). > > Features of RPCSEC_GSSv3: > > - compound authentication of client host and user to server > - needed to provide servers with assurance of client ID in order to > evaluate process credentials assertions while still retaining user > authentication > - process credentials assertions > - security labels > - privileges (app-specific) > - identity (app-specific; think: replacement for AUTH_SYS that uses > name at domain on the wire, plus GSS-API for client auth!) > - channel binding (without a hash function) > > Comments? >
Maybe out of scope for your draft, but again it is a v3 specification and was something I brought up during the RPCv2 bis sec review expecting them not to radically change their draft: Verifiers could also be useful in some cases in reply messages that are not accepted by the server. This is useful when preventing a DoS attack on clients. It would be up to the GSS mechanism to determine how to do this if at all possible. Shawn. --
