Skip to main content

Requirements for Labeled NFS

Approval announcement
Draft of message to be sent after approval:


From: The IESG <>
To: IETF-Announce <>
Cc: RFC Editor <>,
    nfsv4 mailing list <>,
    nfsv4 chair <>
Subject: Document Action: 'Requirements for Labeled NFS' to Informational RFC (draft-ietf-nfsv4-labreqs-05.txt)

The IESG has approved the following document:
- 'Requirements for Labeled NFS'
  (draft-ietf-nfsv4-labreqs-05.txt) as Informational RFC

This document is the product of the Network File System Version 4 Working

The IESG contact persons are Martin Stiemerling and Spencer Dawkins.

A URL of this Internet Draft is:

Ballot Text

Technical Summary

        This Internet-Draft outlines high-level requirements for the
        integration of flexible Mandatory Access Control (MAC)
        functionality into NFSv4.  It describes the level of
        protections that should be provided over protocol components
        and the basic structure of the proposed system.  It also gives
        a brief explanation of what kinds of protections MAC systems

Working Group Summary

        After building the relavent use cases for labeling within 
        the NFS protocol, there has been broad consensus in the
        working group for support of Mandatory Access Control (MAC)

Document Quality

	The requirements and use cases captured in this Internet Draft
	are built from a long history of operating systems security
	structure and use.  This document captures the best method
	through years of implementation in other file system contexts
	along with the implementation in SELinux of an NFS feature set
	much like what is captured in the requirements.  The content
	of this document has received quality feedback and review
	throughout its life.


Spencer Shepler (NFSv4 WG co-chair) is the document shepherd
Martin Stiemerling is the Responsible Area Director.

RFC Editor Note