Requirements for Labeled NFS
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org> To: IETF-Announce <email@example.com> Cc: RFC Editor <firstname.lastname@example.org>, nfsv4 mailing list <email@example.com>, nfsv4 chair <firstname.lastname@example.org> Subject: Document Action: 'Requirements for Labeled NFS' to Informational RFC (draft-ietf-nfsv4-labreqs-05.txt) The IESG has approved the following document: - 'Requirements for Labeled NFS' (draft-ietf-nfsv4-labreqs-05.txt) as Informational RFC This document is the product of the Network File System Version 4 Working Group. The IESG contact persons are Martin Stiemerling and Spencer Dawkins. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-ietf-nfsv4-labreqs/
Technical Summary This Internet-Draft outlines high-level requirements for the integration of flexible Mandatory Access Control (MAC) functionality into NFSv4. It describes the level of protections that should be provided over protocol components and the basic structure of the proposed system. It also gives a brief explanation of what kinds of protections MAC systems offer. Working Group Summary After building the relavent use cases for labeling within the NFS protocol, there has been broad consensus in the working group for support of Mandatory Access Control (MAC) funtionality. Document Quality The requirements and use cases captured in this Internet Draft are built from a long history of operating systems security structure and use. This document captures the best method through years of implementation in other file system contexts along with the implementation in SELinux of an NFS feature set much like what is captured in the requirements. The content of this document has received quality feedback and review throughout its life. Personnel Spencer Shepler (NFSv4 WG co-chair) is the document shepherd Martin Stiemerling is the Responsible Area Director.