From: The IESG <email@example.com>
To: IETF-Announce <firstname.lastname@example.org>
Cc: RFC Editor <email@example.com>,
nfsv4 mailing list <firstname.lastname@example.org>,
nfsv4 chair <email@example.com>
Subject: Document Action: 'Requirements for Labeled NFS' to Informational RFC (draft-ietf-nfsv4-labreqs-05.txt)
The IESG has approved the following document:
- 'Requirements for Labeled NFS'
(draft-ietf-nfsv4-labreqs-05.txt) as Informational RFC
This document is the product of the Network File System Version 4 Working
The IESG contact persons are Martin Stiemerling and Spencer Dawkins.
A URL of this Internet Draft is:
This Internet-Draft outlines high-level requirements for the
integration of flexible Mandatory Access Control (MAC)
functionality into NFSv4. It describes the level of
protections that should be provided over protocol components
and the basic structure of the proposed system. It also gives
a brief explanation of what kinds of protections MAC systems
Working Group Summary
After building the relavent use cases for labeling within
the NFS protocol, there has been broad consensus in the
working group for support of Mandatory Access Control (MAC)
The requirements and use cases captured in this Internet Draft
are built from a long history of operating systems security
structure and use. This document captures the best method
through years of implementation in other file system contexts
along with the implementation in SELinux of an NFS feature set
much like what is captured in the requirements. The content
of this document has received quality feedback and review
throughout its life.
Spencer Shepler (NFSv4 WG co-chair) is the document shepherd
Martin Stiemerling is the Responsible Area Director.