Last Call Review of draft-ietf-nfsv4-layout-types-03
review-ietf-nfsv4-layout-types-03-secdir-lc-salowey-2015-04-23-00

Request
  Review of: draft-ietf-nfsv4-layout-types
  Requested revision: No specific revision (document currently at 13)
  Type: Last Call Review
  Team: Security Area Directorate (secdir)
  Deadline: 2015-04-16
  Requested: 2015-04-02
  Authors: Thomas Haynes
  I-D last updated: 2015-04-23
  Completed reviews:
    Genart Last Call review of -03 by Meral Shirazipour
    Genart Telechat review of -03 by Meral Shirazipour
    Secdir Last Call review of -03 by Joseph A. Salowey
    Opsdir Last Call review of -03 by Menachem Dodge
    Genart Last Call review of -09 by Meral Shirazipour

Assignment
  Reviewer: Joseph A. Salowey
  State: Completed
  Request: Last Call review on draft-ietf-nfsv4-layout-types by Security Area Directorate (Assigned)
  Reviewed revision: 03 (document currently at 13)
  Result: Has issues
  Completed: 2015-04-23
Do not be alarmed, this document review is part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.  These
comments were written for the benefit of the document editors, WG chairs and
the security area directors.  Document editors and WG chairs should treat these
comments just like any other last call comments.

I believe this document is ready with issues.

The document discusses security requirements for pNFS layout types.  The
document has significant discussions of security considerations; however, I'm
not sure it's complete and I think it could be better organized.  The main
places that need work are the security considerations section and the protocol
requirements section.

I'm not sure how best to break up the information between the security
considerations and the rest of the document, but here are some suggestions.

Security considerations - Different Layout types have significantly different
security properties.  I think this should be emphasized in the security
considerations section:

"Different layout types have significantly different security properties which
need to be considered during their design and deployment.  For example, some
layouts, such as the block layout type, can only enforce minimal security
controls and require the client to be trusted to enforce additional access
controls."

The current security considerations section discusses fencing requirements. 
Are there additional security considerations around the control protocol used
to revoke access at the storage device?  It would seem that the integrity and
availability of this channel is important.   Possibly the confidentiality of
the channel is important as well.

It would probably be a good idea to discuss the security requirements of the
storage protocol as well.

It would probably be a good idea to reference sections 12.9 and 13.12 of RFC
5661.

Are there cases where any contextual information needs to be communicated over
the control channel (access control information perhaps)?

This document does not include privacy considerations, but neither does RFC
5661, so I'm not sure it would be in scope.

I'm new to NFSv4 and pNFS so if some of this isn't clear let me know and I can
try to clarify.

Cheers,

Joe