Browse Prior Art Database

Security Negotiation for WebNFS (RFC2755)

IP.com Disclosure Number: IPCOM000003352D
Original Publication Date: 2000-Jan-01
Included in the Prior Art Database: 2000-Sep-13
Document File: 9 page(s) / 22K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

A. Chiu: AUTHOR [+3]

Abstract

This document describes a protocol for a WebNFS client [RFC2054] to negotiate the desired security mechanism with a WebNFS server [RFC2055] before the WebNFS client falls back to the MOUNT v3 protocol [RFC1813]. This document is provided so that people can write compatible implementations.

This text was extracted from a ASCII Text document.
This is the abbreviated version, containing approximately 14% of the total text.

Network Working Group A. Chiu

Request for Comments: 2755 M. Eisler

Category: Informational B. Callaghan

Sun Microsystems

January 2000

Security Negotiation for WebNFS

Status of this Memo

This memo provides information for the Internet community. It does

not specify an Internet standard of any kind. Distribution of this

memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2000). All Rights Reserved.

Abstract

This document describes a protocol for a WebNFS client [RFC2054] to

negotiate the desired security mechanism with a WebNFS server

[RFC2055] before the WebNFS client falls back to the MOUNT v3

protocol [RFC1813]. This document is provided so that people can

write compatible implementations.

Table of Contents

1. Introduction .............................................. 2

2. Security Negotiation Multi-component LOOKUP ............... 3

3 Overloaded Filehandle ..................................... 4

3.1 Overloaded NFS Version 2 Filehandle ..................... 5

3.2 Overloaded NFS Version 3 Filehandle ..................... 6

4. WebNFS Security Negotiation ............................... 6

5. Security Considerations ................................... 10

6. References ................................................ 10

7. Acknowledgements .......................................... 10

8. Authors' Addresses ........................................ 11

9. Full Copyright Statement .................................. 12

1. Introduction

The MOUNT protocol is used by an NFS client to obtain the necessary

filehandle for data access. MOUNT versions 1 and 2 [RFC1094] return

NFS version 2 filehandles, whereas MOUNT version 3 [RFC1813] returns

NFS version 3 filehandles.

Among the existing versions of the MOUNT protocol, only the MOUNT v3

provides an RPC procedure (MOUNTPROC3_MNT) which facilitates security

negotiation between an NFS v3 client and an NSF v3 server. When this

RPC procedure succeeds (MNT3_OK) the server returns to the client an

array of security mechanisms it supports for the specified pathname,

in addition to an NFS v3 filehandle.

A security mechanism referred to in this document is a generalized

security flavor which can be an RPC authentication flavor [RFC1831]

or a security flavor referred to in the RPCSEC_GSS protocol

[RFC2203]. A security mechanism is represented as a four-octet

integer.

No RPC procedures are available for security negotiation in versions

1 or 2 of the MOUNT protocol.

The NFS mount command provides a "sec=" option for an NFS client to

specify the desired security mechanism to use for NFS transactions.

If this mount option is not specified, the default action is to use

t...