Remote Direct Memory Access Transport for Remote Procedure Call
RFC 5666
Yes
No Objection
Note: This ballot was opened for revision 09 and is now closed.
Lars Eggert Yes
(Chris Newman; former steering group member) No Objection
I support Lisa's discuss comment.
(David Ward; former steering group member) No Objection
(Jari Arkko; former steering group member) No Objection
(Lisa Dusseault; former steering group member) (was Discuss) No Objection
This comment is a revision of what was originally a DISCUSS which I held while trying to understand the authentication model for this document. I never quite managed to understand the authentication model of combining RDMA, RPC and NFS as described in this document. I thought that use of this suite would be in practice be limited to trusted situations where an administrator explicitly sets up a data transfer or a synchronization relationship between two servers -- I can see this being useful in contexts where you basically want superuser access to a file system. However, the authors inform me that this can be used securely over the Internet. What I don't understand is how implementations know what authentication to prompt for, how the user knows what domain's authentication information is being asked for, how to tie authentication at different layers together, and how to tie authenticated identities at this layer to NFS ACE principals. These may well all be implementation problems, and I'm clearing my DISCUSS because I can't be sure that they aren't. I had been thinking of an applicability statement, but now that I've learned that this ought to be securely usable on the Internet, I no longer think an applicability statement would be helpful.
(Magnus Westerlund; former steering group member) No Objection
(Mark Townsley; former steering group member) No Objection
(Ron Bonica; former steering group member) No Objection
(Ross Callon; former steering group member) No Objection
(Russ Housley; former steering group member) No Objection
(Tim Polk; former steering group member) No Objection