Skip to main content

RPCSEC_GSS Version 2
RFC 5403

Approval announcement
Draft of message to be sent after approval:


From: The IESG <>
To: IETF-Announce <>
Cc: Internet Architecture Board <>,
    RFC Editor <>, 
    nfsv4 mailing list <>, 
    nfsv4 chair <>
Subject: Protocol Action: 'RPCSEC_GSS Version 2' to Proposed 

The IESG has approved the following document:

- 'RPCSEC_GSS Version 2 '
   <draft-ietf-nfsv4-rpcsec-gss-v2-07.txt> as a Proposed Standard

This document is the product of the Network File System Version 4 Working 

The IESG contact persons are Lars Eggert and Magnus Westerlund.

A URL of this Internet-Draft is:

Ballot Text

Technical Summary

RPCSEC_GSS version 2 (RPCSEC_GSSv2) is the same as RPCSEC_GSS
version 1 (RPCSEC_GSSv1) except that support for channel
bindings has been added. The primary motivation for channel
bindings is to securely take advantage of hardware assisted
encryption that might exist at lower levels of the networking
protocol stack, such as at the Internet Protocol (IP) layer
in the form of IPsec. The secondary motivation is that even
if lower levels are not any more efficient at encryption than
the RPCSEC_GSS layer, if encryption is occurring at the lower
level, it can be redundant at the RPCSEC_GSS level.

Working Group Summary

The working group development and review of this work was
straightforward. The motivation is well understood and
agreed upon and no major issues were identified or impeded
progress during document review.

Document Quality

No existing implementations yet exist but given the author
and reviewers are knowledgeable about more than one
implementation of the current RPCSEC_GSS protocol, it is
believed that the quality of this work is to be considered


Spencer Shepler ( is the Document
Shepherd. Lars Eggert ( reviewed this
document for the IESG.

RFC Editor Note