Skip to main content

Registry Specification for Mandatory Access Control (MAC) Security Label Formats
RFC 7569

Approval announcement
Draft of message to be sent after approval:


From: The IESG <>
To: IETF-Announce <>
Cc: RFC Editor <>,
    nfsv4 mailing list <>,
    nfsv4 chair <>
Subject: Protocol Action: 'Registry Specification for Mandatory Access Control (MAC) Security Label Formats' to Proposed Standard (draft-ietf-nfsv4-lfs-registry-06.txt)

The IESG has approved the following document:
- 'Registry Specification for Mandatory Access Control (MAC) Security
   Label Formats'
  (draft-ietf-nfsv4-lfs-registry-06.txt) as Proposed Standard

This document is the product of the Network File System Version 4 Working

The IESG contact persons are Spencer Dawkins and Martin Stiemerling.

A URL of this Internet Draft is:

Ballot Text

Technical Summary

        This Internet-Draft outlines the high-level framework
        necessary for the integration of flexible Mandatory Access
        Control (MAC) functionality into NFSv4.  It allocates
        initial identifiers for the existing different label formats.

Working Group Summary

        After publishing the requirements for Labeled NFS (as RFC 7204)
        and preparing for the upcoming minor version (NFSv4.2) with
        Labeled NFS support, there has been a broad consensus to
        support a registry of Label Format Specifiers.

Document Quality

        The initial assignments captured in this Internet Draft
	are built from a long history of operating systems security
	structure and use.  This document captures the best method
	through years of implementation in other file system contexts
	along with the implementation in SELinux of an NFS feature set
	much like what is captured in the requirements.  The content
	of this document has received quality feedback and review
	throughout its life.


Spencer Shepler (NFSv4 WG co-chair) is the document shepherd
Martin Stiemerling is the Responsible Area Director.

RFC Editor Note