Presentation is loading. Please wait.

Presentation is loading. Please wait.

David Noveck IETF99 at Prague July 20, 2017

Published byErica Atkinson Modified over 5 years ago

Similar presentations

Presentation on theme: "David Noveck IETF99 at Prague July 20, 2017"— Presentation transcript:

1 David Noveck IETF99 at Prague July 20, 2017
Working Group Re-charter Discussion of Draft Charter Proposal and Expected Follow-through David Noveck IETF99 at Prague July 20, 2017 7/20/2017 IETF99 nfsv4wg: Charter Discussion

2 IETF99 nfsv4wg: Charter Discussion
Summary My premises: Working group needs to continue doing the sorts of things it has been doing All of these things are outside the current charter which needs to change. Need to come up with a proposed charter That says we will continue our current path. That the working group can live with. And that is acceptable to AD and IESG Be nice to have some milestones But we also need to make provision for adding them later. Need an action plan to go forward with Target dates would be nice 7/20/2017 IETF99 nfsv4wg: Charter Discussion

3 Getting to a Charter Proposal Current Drafts
I’ve been circulating a charter draft (Now at iteration Four) Also a milestones draft Only one milestone now but we could add some. Current Issues (that I know of) to resolve: Chuck’s issue with the virtualization-management text How to address flex-files work. Worries about security area (see Security Issues Slides) Very limited set of milestones (see Milestones) I may be missing some issues 7/20/2017 IETF99 nfsv4wg: Charter Discussion

4 Getting to a Charter Proposal Next Steps
Need general agreement on broad outlines. So speak up ASAP if: You think we need a more restrictive, strictly-maintenance-focused Charter You know of an extension area we are missing There is an important new initiative we should be considering. You think the IESG’s security concerns should be addressed in a different way. You think my draft is significantly wrong in any other way. Those not here should also have an opportunity to comment. Citing nits is OK, but need to focus on agreement on basic message. 7/20/2017 IETF99 nfsv4wg: Charter Discussion

5 IETF99 nfsv4wg: Charter Discussion
Upward Acceptability Have to face the fact that some people have veto power  But so far nobody has been brandishing a veto pen  We have to make a proposal and see what happens. Looking at sections of current proposal: Maintenance section keyed to a lot of the stuff we have been doing, including RFC 7931 and the RDMA bis documents. Extension section should be OK in general given publication of RFC As far as specific extension areas, including security, we’ll just have to see. 7/20/2017 IETF99 nfsv4wg: Charter Discussion

6 Security Issues SECDIR Feedback
Bad feeling of SECDIR about NFS security. Could be an issue when charter is considered by IESG. Description of Security Considerations in RFC7530: “Not a security plan.” “Woefully inadequate” “A collection of random thoughts jotted down in a haphazard manner” It isn’t a well-thought out plan for NFSv4 security. However, The IESG at the time approved RFC7530 as a Proposed Standard Very similar to Security Considerations in RFCs 3530 and 5661. 7/20/2017 IETF99 nfsv4wg: Charter Discussion

7 Security Issues Addressing SECDIR Feedback
Will evolve over time First step is for the charter to allow us to address these issues (see Next Slide) May need to provide specific security improvements to address existing weaknesses Need more specificity from SECDIR about their concerns. Need general working group agreement on addressing these issues. There are a large number of possible approaches Some possible directions laid out in Possible Security Directions Need to get something acceptable to the working group and SECDIR. 7/20/2017 IETF99 nfsv4wg: Charter Discussion

8 Security Issues Charter Proposal Responses
Limited so far: In maintenance section, added a reference to addressing IESG expectations in this area. Not yet sure how to address these expectations Extension section refers to “more effective responses to security challenges” Will need to understand IESG/SECDIR expectations for those extensions. Maybe proposing to deal with security challenges (in the abstract) is not OK right now. It would be nice to have at least one concrete proposal for a security-related extension, either from someone in WG or SECDIR. 7/20/2017 IETF99 nfsv4wg: Charter Discussion

9 Possible Security Directions Slide One of Two
Explain better where we are and why Respond to the one specific SECDIR criticism. Might not be enough but would help anyway. Try to address usage of NFSv4 in non-LAN environments This sounds like it would appeal to SECDIR. We would need SECDIR input regarding current weaknesses. But there might not be sufficient working group or implementer interest. 7/20/2017 IETF99 nfsv4wg: Charter Discussion

10 Possible Security Directions Slide Two of Two
Focus on acceptable performance when encryption is needed Would address MITM attacks without a VPN Would address the problem of NFSv4 being used without privacy, almost universally Since our competition is with disk access protocols, an implementation like that for ISCSI might make sense. Would not help performance until adopted by NIC/RNIC vendors Software implementations would serve as prototypes. Would be a very long-term effort 7/20/2017 IETF99 nfsv4wg: Charter Discussion

11 IETF99 nfsv4wg: Charter Discussion
Milestones We need to have some to make clear to the IESG where we are going in the near-term. Right now only one  Possible milestone sources: Work arising out of migration-issues-xx. Work for flex-files-xx. RDMA-related milestones? Something security-related? We do have the option to add them later. 7/20/2017 IETF99 nfsv4wg: Charter Discussion

12 Arriving at an Action Plan
Plan needs to address: Who is responsible for what And needs target dates for completion of individual steps Needs target dates for: Agreement on broad outlines Agreement on initial set of milestones A proposed draft with any necessary fine-tuning Completion of the process 7/20/2017 IETF99 nfsv4wg: Charter Discussion

Download ppt "David Noveck IETF99 at Prague July 20, 2017"

Similar presentations

Authentication, Access Control, and Authorization (1 of 2) 0 NPRM Request (for 2017) ONC is requesting comment on two-factor authentication in reference.

Authentication, Access Control, and Authorization (1 of 2) 0 NPRM Request (for 2017) ONC is requesting comment on two-factor authentication in reference.
RUCUS BOF IETF-71 IETF Exploratory Groups Bernard Aboba Microsoft Corporation Laksminath Dondeti Qualcomm, Inc. March 10, 2008 Philadelphia, PA.

RUCUS BOF IETF-71 IETF Exploratory Groups Bernard Aboba Microsoft Corporation Laksminath Dondeti Qualcomm, Inc. March 10, 2008 Philadelphia, PA.
Extensions to OSPF-TE for Inter-AS TE draft-ietf-ccamp-ospf-interas-te-extension-01.txt Mach Renhai

Extensions to OSPF-TE for Inter-AS TE draft-ietf-ccamp-ospf-interas-te-extension-01.txt Mach Renhai
July 27, 2009IETF NEA Meeting1 NEA Working Group IETF 75 Co-chairs: Steve Hanna

July 27, 2009IETF NEA Meeting1 NEA Working Group IETF 75 Co-chairs: Steve Hanna
Security Policy Update LCG GDB Prague, 4 Apr 2007 David Kelsey CCLRC/RAL

Security Policy Update LCG GDB Prague, 4 Apr 2007 David Kelsey CCLRC/RAL
Pseudowire And LDP-enabled Services (PALS) WG Status IETF-91 Honolulu Co-Chairs: Stewart Bryant and Andy Malis

Pseudowire And LDP-enabled Services (PALS) WG Status IETF-91 Honolulu Co-Chairs: Stewart Bryant and Andy Malis
Disman – IETF 56 Alarm MIB Sharon Chisholm Dan Romascanu

Disman – IETF 56 Alarm MIB Sharon Chisholm Dan Romascanu
Multiple Interfaces (MIF) WG IETF 79, Beijing, China Margaret Wasserman Hui Deng

Multiple Interfaces (MIF) WG IETF 79, Beijing, China Margaret Wasserman Hui Deng
File: /ram/wgchairs.sxi Date: 7 January, 2016 Slide 1 Process and Tools (PROTO) Team General Area Meeting IETF59, Seoul, Korea -- March 2004

File: /ram/wgchairs.sxi Date: 7 January, 2016 Slide 1 Process and Tools (PROTO) Team General Area Meeting IETF59, Seoul, Korea -- March 2004
SonOf3039 Status Russ Housley Security Area Director.

SonOf3039 Status Russ Housley Security Area Director.
BFD IETF 83. Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any.

BFD IETF 83. Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any.
Moving towards an IRS WG Charter Ross Callon IETF 85, Atlanta.

Moving towards an IRS WG Charter Ross Callon IETF 85, Atlanta.
Requirements and Selection Process for RADIUS Crypto-Agility December 5, 2007 David B. Nelson IETF 70 Vancouver, BC.

Requirements and Selection Process for RADIUS Crypto-Agility December 5, 2007 David B. Nelson IETF 70 Vancouver, BC.
1 1 Cullen Jennings IETF 90 V5. 2 WebRTC has “flows” of Audio, Video, and Data between browsers JavaScript applications running in the browser have an.

1 1 Cullen Jennings IETF 90 V5. 2 WebRTC has “flows” of Audio, Video, and Data between browsers JavaScript applications running in the browser have an.
SEND WG IETF 57, Vienna Monday, July 14, 9:00 am.

SEND WG IETF 57, Vienna Monday, July 14, 9:00 am.
SIP wg Items Jonathan Rosenberg dynamicsoft Caller Preferences: Changes Discussion of Redirects –Previous draft only proxy –Nothing different for redirect.

SIP wg Items Jonathan Rosenberg dynamicsoft Caller Preferences: Changes Discussion of Redirects –Previous draft only proxy –Nothing different for redirect.
Who am I? ● Michael Richardson ● ● ● Director, Consumer Desktop Desktop Development – working on an ubuntu-based* virtual.

Who am I? ● Michael Richardson ● ● ● Director, Consumer Desktop Desktop Development – working on an ubuntu-based* virtual.
CAPWAP Threat Analysis

CAPWAP Threat Analysis
Module 5: Communication Plan and Process for Addressing Barriers

Module 5: Communication Plan and Process for Addressing Barriers
ID Tracker States: An Internet Draft’s Path Through the IESG

ID Tracker States: An Internet Draft’s Path Through the IESG

Similar presentations

Ads by Google