home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Internet Info 1994 March
/
Internet Info CD-ROM (Walnut Creek) (March 1994).iso
/
inet
/
ietf
/
tnfs
/
tnfs-charter.txt
< prev
next >
Wrap
Text File
|
1993-04-07
|
3KB
|
80 lines
Trusted Network File Systems (tnfs)
Charter
Chair(s):
Fred Glover <fglover@zk3.dec.com>
Service Applications Area Director(s)
Dave Crocker <dcrocker@mordor.stanford.edu>
Mailing lists:
General Discussion:tnfs@wdl1.wdl.loral.com
To Subscribe: tnfs-request@wdl1.wdl.loral.com
Archive: archive-server@wdl1.wdl.loral.com
Description of Working Group:
The Trusted Network File System Working Group is chartered to define
protocol extensions to the Network File System (NFS) Version 2 protocol
which support network file access in a Multilevel Secure (MLS) Internet
environment. MLS functionality includes Mandatory Access Control (MAC),
Discretionary Access Control (DAC), authentication, auditing, documentation,
and other items as identified in the Trusted Computer System Evaluation
Criteria (TCSEC) and Compartmented Mode Workstation (CMW) documents.
The primary objective of this Working Group is to specify extensions to the
NFS V2 protocol which support network file access between MLS systems. It
is intended that these extensions should introduce only a minimal impact on
the existing NFS V2 environment, and that unmodified NFS V2 clients and
servers will continue to be fully supported.
Transferring information between MLS systems requires exchanging additional
security information along with the file data. The general approach to be
used in extending the NFS V2 protocol is to transport additional user context
in the form of an extended NFS UNIX style credential between a Trusted NFS
(TNFS) client and server, and to map that context into the appropriate server
security policies which address file access. In addition, file security
attributes are to be returned with each TNFS procedure call. Otherwise,
the NFS V2 protocol remains essentially unchanged.
The Trusted System Interoperability Group (TSIG) has already developed a
specification which defines a set of MLS extensions for NFS V2, and has also
planned for the future integration of Kerberos as the authentication mechanism.
The TNFS Working Group should be able to use the TSIG Trusted NFS document
as a foundation, and to complete the IETF TNFS specification within the
next 3-6 months.
Goals and Milestones:
Mar 91 Verify the interoperability of TNFS implementations at the 1992 NFS
Connectathon.
Done Review and approve the TNFS Working Group Charter, review revised
TSIG TNFS Specification, and publish a proposed standard following
the July meeting.
Jul 91 Review revised TSIG TNFS Specification.
Oct 91 Review outstanding comments/issues from mailing list.
Oct 91 Make any final revisions to TNFS document based on comments,
issues, and interoperability testing.
Nov 91 Publish a Proposed Standard following the July meeting.
Mar 92 Request IESG to make the revised document a Draft Standard.
Internet Drafts:
Posted Revised I-D Title <Filename>
------ ------- ------------------------------------------
Jul 91 Mar 93 <draft-ietf-tnfs-spec-03.txt>
A Specification of Trusted NFS (TNFS) Protocol Extensions
Request For Comments:
None to date.