►
From YouTube: IETF105-NFSV4-20190725-1330
Description
NFSV4 meeting session at IETF105
2019/07/25 1330
https://datatracker.ietf.org/meeting/105/proceedings/
A
B
A
A
You
have
anything
to
say
so.
Welcome
then
of
us
be
working
group
had
150
F.
It
means
the
nfsv4
working
group
has
been
going
on
since
the
early
60s.
Now
we
have
an
agenda
here.
A
Let
me
go
through
it.
First
topic
is
with
Dave
Novick
on
minor
protocol
updates
that
your
document
is
called
update,
stan
FS
right
or
something
like
that.
Rpc
over
TLS,
the
Chuck
Lieber
integrity
measurement,
Chuck
leave
are
already
ma,
Chuck
Lieber,
milestone
of
you
web,
which
will
have
to
be
done.
A
lot
I
was
looking
at
Dave,
slides
there
they're
good
to
get
our
discussion
going
on
our
milestone.
We
have
we'd,
you
have
to
update
the
milestones
and
and
Magnus
will
be
paying
attention
to
that
section.
A
And
then
no
and
then
saurons
up
with
saurons
up
with
a
discussion
on
data
reduction,
extended
attributes,
I
thought
that's
discussions
been
going
on
since
we
got
in
the
room.
So
let's,
let's,
let's,
let's
just
reach
closure
on
that,
and
then
we
added
a
delegation
of
state
IDs
of
Tom
Haines.
That
was
added
just
now.
So
as
there
any
other
changes
to
the
agenda,
anybody
care.
A
A
E
A
Tomatoes,
okay,
the
and
then
you
every
time
you
come
in
here
you
sign
when
you
register
and
you
get
your
little
agenda.
You
have
a
note
well
on
it.
It's
a
continuously
evolving
small
note
by
the
way,
but
it
basically
the
more
important
things.
Are
you
you're
participating?
It's
me
recording,
perhaps
or
taking
minutes
and
you're,
allowing
a
lot
to
take
place,
and
the
other
thing
is
that
if
you
wear
of
any
IETF
contribution
is
covered
by
patents
or
patent
applications
that
are
owned
or
controlled
by
you,
your
sponsor.
A
D
C
A
Rainier
welcome
to
renzo
so
you
know,
I
actually
do
look
at
the
note.
Well,
every
time
I
come
to
an
IETF
BT
because
it
does
change
meeting
to
meeting
to
take
a
look
at
it,
but
the
core
of
it
is
the
same
all
right.
Let's
start
so
we
decided
to
keep
the
agenda
in
the
order.
It
is
I
believe
overriding
Chuck's
suggestion,
that's
okay!
B
A
F
F
A
F
Back
sure,
all
right,
all
right,
okay,
so
the
before
the
no
changes
are
limited
to
truckin.
We
had
a
trunking
discovery
and
that
it
actually
has
been
published.
I,
don't
know
what
you
know
Chuck
did
he
got
it?
Oh,
he
got
it
through
the
icy
ice.
Yes,
she
did
not
stop
him
before
that.
One,
a
tougher
story
and
I'm
going
to
talk
about
my
travails
about
that.
So
we
had
a
trunking
discovery
and
transparent
state
migration
to
be
4.1.
F
We
transparent
state
migration
had
been
done
for
data
and
X
number
of
people
bothered
me
about
making
sure
that
4.1
was
at
the
same
level.
So
this
was
not
published
yet
as
an
RFC
and
that's
a
long
story,
and
that's
most
of
this
talk
and
it's
kind
of
sad,
but
then
we
I
think
we
need
to
have
an
implementation
discussion
about
what's
happening
with
prototyping
and
getting
these
stuff
to
actually
actually
in
the
field.
Alright,.
F
F
If
we
got
to
say
well,
you
can,
if
you
have
two
addresses,
you
can
figure
out
whether
they're,
trunked
or
not,
but
there
was
no
way
I
said:
oh
I
haven't
addressed
what
other
dress
is
trunk
with
that,
so
that
was
that
was
trunking
discovery
in
addition
to
trucking
detection,
so
in
in
the
v4
know,
Chuck's
document
defined
the
interaction
of
trunking
migration,
even
support.
You
know
trunking
discovery
in
trunking.
You
can
have
two
things
that
work
trunk
also
become
not
trunk.
You
can
have
things
migrant,
didn't,
wedding
things
in
my
grade.
F
You
can
migrate
from
from
from
two
trunk
things
to
one
to
one
pattern
on
the
other
thing
or
the
vice
versus,
and
that's
all
support.
This
was
published
as
propose
sandal.
It
actually
happened
by
the
milestone
date,
although
I
don't
know
what
the
definition
of
final
submission
is.
But
anyway,
it's
publicist
RFC
anyway,.
F
Now
for
beef,
one
we
had
more
to
do.
We
had
to
add
trunking
discovery,
just
as
we
did
in
before
to
also
discover
trunky
migration.
That's
that's
physical
parallels!
What's
in
for
dodo
and
also
transparent
and
had
they
had
transparent
state
migration,
so
that
was
a
bigger
job
that
made
that
document
kind
of
enormous
and
because
some
things
we
asked
gene.
F
Well,
it
was
600
pages.
Yes,
that's
right
all
right,
so
we
had
and
at
session
migration
and
the
fact
that
I
have,
because
you
have
migration,
you
can
have
migration
of
PN
FS
metadata
server,
migration
of
possibility
of
migrating
from
P
n
FS
turn
on
pain
of
ascend
and
back
in
okay.
So
that's
those
things
and
also
because
of
the
need
to
do
these
things,
there's
unnecessary
cleanup.
First
of
all,
the
way
the
term
replica
was
used
in
in
RFC
56
61
B.
Basically,
they
said
if
you
have
two
different
addresses.
F
They
were
treated
as
as
well
as
two
different
replicas,
even
though
there
really
were
actually
two
paths
to
one
replica
so
because
that
there's
some
terminological
cleanup
that
had
to
be
done
and
also
the
head
event
handling,
because
I
think
truck
Chuck
pointed
out
that
you
know
we
weren't
very
clear
about
the
alternative.
You
don't
support
transparent
state
penetration.
There
are,
there
are
the
vague
references
to
Pro,
FS,
/,
FS,
grace
periods,
but
the
lot
of
a
lot
of
the
code.
F
A
lot
of
the
text
did
not
really
feel
that
a
lot
of
gaps
there
had
to
be
at
so
I
revised
the
description
of
to
ops,
exchange,
ID,
the
free
exchange,
I
think,
but
not
was
consistent
with
state
migration
and
reclaimed.
Complete,
wasn't
clear
about
the
/
f,
/
FS
grace
period
case,
so
also
there
was
cleanup
of
the
era
decision
to
accommodate
those
things
anyway.
That
was
that
was
the
package
of
things
I
had
to
do
in
before
that
one.
F
What
useless?
Well
I'll
go
through
that
all
that
sad
story.
Okay,
the
first
thing
is:
I
produced
this
document.
That
was
basically,
it
was
called
draft
ITF
and
if
it's
before
M
v1
m
SS
m
s,
NS
update
and
the
paradigm
we
filed
was
here.
The
updates
replace
this
by
this
replaced
that
by
something
else
and
I
thought
it
was
clear
or
as
well
as
I
could
be,
and
I
was
ok
during
the
working
group.
F
Last
call
I
attempt
last
call
and
then
the
ad
review,
and
that
and
but
when
the
is
G,
took
a
look
at
that
number
of
people
said.
Oh,
we
don't
like
this.
This
sucks
and
so
I
well
I
think
they
had
a
point.
But
anyway,
that
wasn't
the
Exide.
We
decided
that
wasn't
named.
We
couldn't
there's
no
way
that
we'd
get
them
to
accept
that.
Yes,
so.
H
Chuck
leaver,
Oracle
I
think
the
gist
was
with
my
document.
It
was
short
enough
that
the
the
diff
I
loved
that
we
used
to
update
the
document
was
brief
enough
that
it
wasn't
bothersome
and
the
problem
was.
This
document
was
like
three
times
longer
than
mine
and
I
got
three
I
think
we
crossed
a
line
here.
It
wasn't
the
it
wasn't
the
problem
that
you
know.
We
don't
like
to
hear
the
updates
to
apply
at
the
spec
paradigm
I
think
they
didn't
like
the
size
of
it.
Okay,
sure
that.
I
H
F
That's
alright
so
anyway,
so
he
needed
more
bits
like
document,
but
I
started
looking
for
the
focuses
and
where
we
were
and
Tom
sort
of
indicate.
Oh
gee
you're
crazy
to
do
that.
Basically
something
that
words
that
of
the
nines
of
those
exact
words,
but
that
was
the
idea
so
I
settled
on
something
that
would
be
closer
to
a
BIST
document.
It
basically
replaced
section
11
and
just
add
a
few
other
updates.
I
thought
that
would
be
okay.
The
is
you
still
did
not
like
that.
F
They
want
an
even
more
bits
like
document,
but
a
focus.
You
have
8178,
you
had
issues
with
eighty-four,
RFC,
84,
34,
ending
nationalisation
security.
I'll
talk
about
that
in
the
later
talk,
so
finally
settled
on
a
partial,
miss
document
that
will
be
a
bit
in
the
sense
that
will
obsolete
RFC
56
61,
but
it
won't
be
the
best
that
address
every
progresses,
every
problem
in
RFC,
56,
61
and
I.
F
So
no
other
changes
other
than
the
namespace
changes.
So
I
have
that
document
that
vacuum
is
called
draft.
Ifgf
NF
is
before
our
RFC
51
Cecily,
MS
NS.
It
submitted
I
hope
people
will
read.
It
comment
on
that
and
I
think
it
needs
to
go
through.
We're
grew
last
call,
and
then
we
can
get
considered
by
the
ASG
I'd
like
people
to
look
at
it.
F
You
could
it's
600
pages,
but
I,
don't
think
if
you
should
be
read:
600
pages
you
can
it's
it's
it's
close
enough
to
RFC
5060,
one
that
you
can
dip
the
50
things
and
there's
some
bugs
in
in
RFC
DIF
that
try
to
get
the
the
author
RFC
DIF
to
fix,
but
somehow
we
had
some
email
problems.
Communicating
now
I
have
a
few
things.
F
Changes
I
also
have
a
aquaria
been
katak
about
what
he
wants
to
see
as
the
reference
VFS
hopefully
hear
from
him
the
list
any
changes
I
get
in
probably
in
the
next
week
week
or
so
I'll
submit
it
don't
one
and
then
we'll
see
whether
we
can
go
to
the
working
group.
Last
call
on
that,
after
that,
I
hope
to
move
the
document
forward
and
that's
the
only
path
eyes
I
see
on
that
document.
All
right.
That's
it
all
right.
Okay,
implementation
issues.
Now,
particularly
with
regard
to
trunking.
F
We
would
like
to
get
started
an
implication.
Implementation
now,
I
think
the
work
on
before
now
is
published
and
400
and
1
and
for
the
one
handling
of
of
trunking
is
pretty
much
the
same.
So
I
think
the
work
that
you
do
on
one
would
carry
over
to
the
others,
but
I
find
that
some
of
the
people
in
this
group
are
right
now
said
Oh
before
those
all.
You
don't
want
to
bother
with
it,
but
give
it
the
same
in
both.
Maybe
the
same
work
would
do
I'd
like
to
have
that
discussion.
C
J
J
I
may
be
not
as
convinced
as
the
others,
but
now
I
mean
this
is
the
plan
we
go
forward
with
this
as
full-out,
basically
implementing
the
full
updates
in
in
in
the
full
quarters
document,
and
that
becomes
the
next
then
reference
and
then
of
if
you're
gonna
do
a
four
point.
One
piece
forward:
if
that
would
happen,
yeah
I
know
what
I
would
like
to
see,
but
that's
yeah.
It's
coming
o
matic.
So
but
we'll
discuss
that
later.
That's
a
separate
topic,
but
for
for
this
implement
is
I.
J
Think
we
take
it
one
step
its
timing,
dementing
I,
think
I
mean
clear,
smaller
updates
or
the
saying
this
is
an
extension
to
something
which
isn't
existing,
that
you
can
do
still
do
a
system
alone.
So
yeah,
if
you
have
new
functionality.
Yes,
do
that's
a
separate
talk,
no
saying
this
extends
the
the
56
61
biz.
J
K
H
H
H
H
The
Linux
client
doesn't
support
trunking
right
now
at
all,
so
you
have
net
F
has
some
resources
that
could
implement
there,
I'm
not
really
planning
to
do
any
implementation.
There
Solaris
doesn't
have
any
resources
that
I
know
of
to
to
to
try
this
out.
I
mean
they
were
the
the
main
drivers
of
the
transparent
state
migration
work
in
both
Solaris
and
Linux.
Okay,.
F
All
right
so
as
far
as
the
trunk,
anything
it
sounds
like
we
net
have
made,
may
be
working
on
both
in
parallel
and
I.
Think
my
smile
would
be
to
try
to
do
as
much
as
the
for
Daddo
and
for
one
to
work
together.
I'm,
not
sure
how
that
works
and
the
cause
exists.
As
far
as
transparent
state
migration,
the
only
server
implementation
was
on
Solaris
and
that's
not
gonna.
Go
into
for
that
one.
The.
H
E
C
E
C
F
Sure,
alright,
so
that
I
think
ends
that
okay,
alright,
my
next
story,
I,
think,
that's
you
you
Jenna!
Oh
alright,
I
give
one
with
slide.
Oh
all,
right,
sorry,
Trombley,
okay,
Trump
trunk
and
rehabilitation.
Well,
this
is
irrelevant,
but
just
told
me
that
basically
it
appears
that,
except
for
people
who
are
not
in
this
room
or
on
Meetup,
even
me
that
go
it's
probably
nap.
Who's
gonna
do
doing
the
starting
work
on
both
the
client
and
the
server
and
transparent
state
migration.
F
H
All
right,
so
this
is
work.
That's
happened
since
the
last
time
we
met,
which
was
here
a
year
ago,
I
proposed
that
we
enter
the
21st
century,
that
NFS
enters
of
21st
century
and
support
encryption
by
default.
In
other
words,
when
you
install
client,
it
could
have
some
facility
for
using,
on
the
spot,
created
a
certificate
material
to
encrypt
its
transmission
to
a
server
in
just
the
same
way
that
web
server
could
web
browser
on
a
web.
H
Server
can
do
it
and
this
slide
sort
of
enumerates
the
things
that
we're
really
looking
looking
for
in
this.
In
this
feature
we
spent
we
want
to
protect
the
use
of
assist
because
that's
still
widely
deployed
a
lot
of
people
depend
on
it.
It's
very
simple
to
deploy
you
just
used
UID
numbers
and
make
sure
that
they
match
up
on
the
client,
server
and
you're
all
done
it's
a
lot
simpler
than
GSS,
which
is
why
GSS
is
not
more
widely
deployed.
H
So
these
are
the
two
main
benefits
that
we're
hoping
to
get
and
I
mentioned
privacy
already
I've
had
actual
user
requests
for
this
Oracle.
Many
people
don't
know
this,
but
Oracle
does
have
a
have
a
cloud
just
like
azure
and
Google
and
Amazon
the
Oracle
cloud
infrastructure.
Oci
folks
came
to
me
and
asked
for
support
for
NFS
with
encryption
so
that
when
anybody
brings
up
a
tenant
with
a
bunch
of
Linux
clients
that
they
they
can
get,
they
can
get
privacy
on
the
wire.
It
turns
out
that
Amazon
already
has
this
feature.
H
They
have
a
tunneling
feature
that
they've
got
built-in
that
got
a
sub
command
a
mount
sub
command
that
allows
them
to
create
an
SSH
tunnel
on
the
client
that
connects
to
the
server
and
then
they
they
tunnel
NFS
over
it.
There
was
an
interesting
article
and
I
think
lwn,
or
was
it
a
linux
journal
about
it
nine
months
ago,
where
a
guy
outlined
it
exactly?
H
How
I
did
this
thing
provide
scripts
and
it
looked
like
something
you
tear
your
hair
out
to
implement
I
mean
there's
just
huge
number
of
little
tweaky
things
to
do
and
I
thought.
Why
can't
we
do
this
in
the
protocol
and
just
you
know
not
not
require
any
kind
of
SSH
tunnel
at
all.
So
privacy
was
the
first
important
most
important
goal.
The
second
one
was:
we
want
to
be
able
to
provide
a
degree
of
machine
authentication.
H
In
other
words,
the
clients
should
be
able
to
authenticate
the
server
make
sure
they're
connecting
to
the
right
machine
and
the
server's
should
be
able
to
defend
any
chthonic
a
the
clients
and
when
they
do
that,
then
they
can
use
the
authentication
material
as
part
of
an
authorization
of
the
client
to
make
sure
that
this
is
a
client
that
is
allowed
to
talk
to
me
and
they're
sure,
because
there's
cryptographic
authentication
going
on
there
are
some
secondary
benefits.
I,
don't
have
to
go
through.
H
Those
most
of
the
stuff
is
listed
in
is
already
discussed
in
the
introduction
of
the
RPC
on
TLS
draft.
The
third
bullet,
usually
trips,
some
people
up,
but
the
idea
there
is
that
we
want
the
ability
to
provide
an
authentication
mechanism
for
the
machines
that
is
completely
independent
of
the
fennec
ation
mechanism.
H
H
Linux
is
also
getting
a
kernel
implementation,
prototype
implementation.
That
Trond
is
working
on
my
co-author,
that
is
still
in
progress.
There
are
I,
had
a
couple
more
listed
here
on
this
slide,
but
you
know
they're
there,
folks,
who
probably
don't
need
a
public
mention
of
prototyping
efforts
in
case
they
decide
to
scrap
so
need.
Let's
just
say
there
are
some
other
interests.
H
H
There
there
are,
there
are
tenets
of
the
Amazon
zone
that
there
are
ten
tenants
of
the
Amazon
Cloud
that
are
using
their
encryption
technique
and
they
they
met
with
us
recently
trying
to
die
with
them
to
discuss
how
stable
the
document
is
and
what
the
Linux
prototype
would
look
like
and
how
key
material
would
be
managed,
and
things
like
that.
So
they're
they're,
looking
very
closely
at
this
and
I
I,
have
a
sense
that
they're
interested
in
implement
implementing
something
that
will
be
interoperable
with
Linux.
H
We've
also
talked
about
some
future
works
that
the
future
work
that's
going
to
be
needed
for
NFS
support
for
TOS.
It's
probably
a
bunch
of
little
details,
but
probably
the
most
important
thing
is
is
tying
together
the
lease
management
credential,
the
thing
that's
used
for
authenticating
a
client
ID
and
exchange
ID
with
the
transport
credentials
so
that
the
clients
are
fully
authenticated.
There
are
some
other
details
which
I'm
not
remembering
at
the
moment,
but
we'll
need
a
document
to
write
this
stuff
down.
I,
don't
think
I'll
be
a
long.
One.
H
Large
tells
me
that
quick
is
probably
not
quite
mature
enough
to
begin
actual
work
on
this,
but
it's
coming
close
and
I
think
it
would
be
good
for
us
if
we
started
looking
closely
quick
to
understand
what
we
need
to
do
to
build
such
a
transport
and
what
capabilities
that
would
give
us
I,
don't
have
to
go
into
that
right
now
unless
people
would
like
to.
But
you
know
you
all
know
me
so
come
talk.
H
If
you
have
opinions
about
this
now,
this
slide
is
next
steps
for
the
document
itself
that
the
RPC
on
TLS
document
we're
wondering
if
she
had
a
charter
milestone
for
this
document,
because
there
isn't
one
right
now
and
it
as
I
began.
This
presentation
just
reiterate
that
this
work
disk
is
sort
of
blossomed
over
the
last
nine
months
to
a
year
since
we
last
talked
about
the
Charter.
So
now
is
a
good
time
for
us
to
consider
that
we've
had
one
sector
review
already.
That
was
a
more
nascent
version
of
the
document.
H
A
A
No,
no!
No,
no,
that
that
one
action
is
adding
a
milestone
for
this
work
to
the
Charter,
because
it
does
its
work
going
on.
That's
not
even
covered
on
our
stuff
and
I.
Need
you
to
think
about
that.
Okay
I
mean,
besides
all
the
work
that
has
to
be
done.
From
my
perspective,
the
milestone
update.
Okay.
H
L
H
L
J
H
A
A
H
H
Last
year
we
were
talking
about
RPC
over
our
DMA
version,
2
and
so
I
thought
I
would
sort
of
discuss
this
document.
That
is
still
a
personal
draft
and
see
if
we
can
move
this
forward
a
little
bit
originally.
When
this
was
proposed.
Several
years
ago
we
had
some
issues
in
version
RPC
over
already
may
version,
one
that
we
thought
were
kind
of
important
to
address
immediately.
H
One
was
the
ability
to
integrate
well
to
support
transport
properties
and
because
we
wanted
to
support
remote
invalidation
and
a
larger
in
line
threshold,
because
the
default
inline
threshold
for
a
version
1
is
a
kilobyte
which
is
too
small
for
NFS
before
so,
our
goals
were
to
try
to
get
those
transport
properties
supported
and
enabling
sensibility.
So
we
could
so
it
was
easier
for
us
to
build
on
the
transport,
because
version
1
had
a
lot
of
restrictions
in
it.
H
Another
one
was
eliminating
the
use
of
reply
chunks
and
the
reason
why
we'd
want
to
do
that
is
because
they
are
needed.
You
have
to
pre
provision
those
on
the
client
and
sometimes
the
client
guesses
wrong
protocols
can't
always
tell
like
protocols
like
an
abbess
can't
always
tell
how
big
they
need,
and
Dave
has
also
suggested
that
we
probably
want
to
add
some
machine
authentication
to
the
transport
protocol
in
the
same
way
that
we
were
doing
with
TLS
I'm
TCP.
H
H
They
can
just
mention
some
prototyping.
That's
been
done.
A
document
that
is
currently
waiting
for
isg
review
is
our
pcr
team,
a
the
CM
private
data
that
handles
transport
properties
for
a
version
one.
I
built
a
prototype
for
that
in
linux,
you
have
a
server
and
client,
and
that
has
demonstrated
the
need
for
and
the
benefits
of,
both
support
for
remote
and
validation
and
larger
in
line
sizes,
and
it's
also
identified
one
or
two
shortcomings
or
weaknesses.
H
I
guess,
for
example,
that
stuff
has
to
be
set
up
before
the
the
transport
is
fully
instantiate
'add
and
the
receive
buffers
and
then
send
buffers
are
created,
even
though
to
make
the
connection
you
have
to
create
some
of
that
infrastructure.
So
there's
a
there's,
a
chicken-and-egg
problem
there
that
we
didn't
foresee,
but
in
the
prototyping
we've
managed
to
work
with
that
and
demonstrate
that
it's
still
beneficial
on
the
area
that
we
haven't
really
prototype
is
the
extensibility
features
in
version
2.
So
we
have
to
think
about
that
carefully.
H
H
So
questions
in
discussion
I
mean
here's.
Some
ball
points
that
I
thought
you
know.
We
probably
ought
to
talk
about
a
little
bit
before
we
proceed
with
adoption.
A
I,
don't
think
the
working
group
document
has
to
have
a
bow
on
it
to
go
in
to
the
discussion
and
that'll
start
locking
it
into
completion,
milestone
dates
and
everything
I.
If
there's
Lara's
Magnus
you
any
feedback
here,
the
comment
was
that
is
that
the
document
is
not
feature
complete,
however,
and
he
was
working
towards
that
for
the
working
group.
Official
working
group
document
submission
we're
moving
into
working
group
document.
I,
don't
think,
that's
a
requirement
for
the
working
group
document
to
bring
it
to
work.
Group
tacky
work
on
the
document,
alright.
A
F
You
have
a
long
list,
but
there's
actually
three:
oh
the
one
that
I
proposed
is
not
as
definitely
if
it
goes
in
future
work.
So
I
wouldn't
think
that
that
one
certainly
should
be
in
the
document
as
the
other
ones.
I,
don't
know
how
the
people
might
have
odds
of
doing
this,
but
I,
don't
I,
don't
feel
there's
any
strongly
region
the
one
that
I
think
is
most
necessary.
Is
you
know
things
set,
but
that
also
could
be
future
work,
because
we'll
figure
that
out.
F
D
H
Are
agree
with
that
the
Machine
authentication
stuff
seems
a
little
more
critical
and
and
would
make
I
think
this
version
of
more
appealing
both
through
the
IHG
and
to
potential
implementers.
So
it
might
be
something
we
actually
do
want
to
consider
putting
into
the
into
the
document.
I
know
it's
a
it's
a
it's.
A
heavy
lift
I
agree
with
that.
A
L
H
H
So
the
purpose
of
integrity
measurement
I
mean
Tegrity
measurement,
is
kind
of
this
highfalutin
term.
That
maybe
doesn't
mean
anything
to
people.
But
the
whole
idea
here
is
that
we
want
to
have
some
way
of
protecting
file
content
from
when
it's
created
all
the
way
to
when
a
user
runs
it
to
the
point
where
you
do
an
exec
ve
on
it.
H
So
that
sort
of
narrows
the
the
scope
of
the
of
the
use
case
a
little
bit.
The
idea
here
is
that
we
have
a
protection
envelope.
That's
continuous
from
the
point
when
someone
creates
the
executable
say,
MV
or
a
or
a
database
application
to
the
point
where
it's
where
it's
actually
used
and
it's
protected
at
rest
on
the
disk
or
whatever
storage
medium.
It's
on
it's
protected
in
backups,
it's
protected
in
transit
when
it's
being
installed.
Everything.
H
H
H
This
vendor
has
a
public
key
pair
or
has
a
key
pair,
a
public
key
and
a
private
key,
and
the
software
vendor
publishes
a
public
key
to
its
customers
via
the
normal
mechanisms
of
that
kind
of
thing.
So
V
as
a
stream
of
versions
of
an
application,
a
it
publishes,
a
finalized
version
of
this
application
say
a
version
1.0.
H
H
It
has
to
have
a
security
module,
and
that
runs
in
a
privileged
mode,
and
that
can
generate
the
the
check,
sums
and
verify
the
signature
of
the
private
assigned
check
sums
that
it
gets
and
it
has
to
have
a
policy
for
handling
the
times
when
if
the
appraisal
fails,
that
policy
might
be
you're
not
allowed
to
access
the
executable,
it
might
be
I'm
going
to
report
you
in
an
audit
log.
It
might
be
do
nothing,
but
it's
gonna
have
a
policy.
H
So,
just
on
a
local
file
system,
the
customer
might
install
the
application
in
a
local
file
and
it
stores
the
checks
on
the
sign
checksum
as
an
extended
attribute
and
whatever
this
application
is
run.
Then
the
the
local
security
module
computes,
the
checksum
of
it,
and
it
verifies
that
the
the
stored
sign
checksum
matches
the
the
checksum
that
it
computed,
oops
I'm,
sorry
I'm
backing
up
there
we
go
and,
as
I
said,
the
local
policy
then
determines
exactly
what
happens
if
the
scenes,
your
verification
fails
or
the
checksum
verification
fails.
H
So
what
about?
What
is?
This
looks
like
when
NFS
is
in
the
picture
today?
What
happens
is
this?
The
the
server
has
the
the
policy
engine
and
the
private,
the
the
privilege
module
and
when
it
reads
the
file
off
the
disk,
it
does
all
the
checking
and
when
the
checking
fails
it,
it
reports
that
there's
an
access
error
and
the
the
client
can't
get
access
it.
So
it
looks
like
someone
just
changed.
H
The
Akal
on
the
file
with
the
NFS
extension
NFS
would
exposed
the
extended
attribute
that's
stored
on
the
server
to
the
client,
so
the
client
can
make
its
own
decisions
about
this
and,
in
fact,
keep
its
own
audit
log.
You
can
have
its
own
policy
about
whether
to
fail
access
to
the
file
report,
the
prominent
log
but,
most
importantly,
it
protects
that
the
data
in
transit
between
the
server
and
the
client.
H
So
here's
one
of
the
pieces
that
people
have
been
asking
me
for
a
while
about,
and
that
is
how
how
to
deal
with
interoperability.
In
other
words,
when
client
a
writes
some
of
this
metadata
into
a
file.
How
does
client
B
read
it?
How
is
it
guaranteed
to
be
able
to
read
it?
Well,
the
local
modules
have
been
haven't
had
have
had
to
deal
with
this
problem
forever.
H
I
have
to
handle
backwards,
compatibility
as
the
operating
system
is
upgraded.
Obviously
they
don't
have
to
reinstall
applications
or
regenerate
the
the
check
sums
or
resign
them.
So
the
security
module
has
to
understand
how
to
read
old
versions
of
it,
and
obviously
it's
for
offenders
will,
as
I
said,
before,
release
a
sequence
of
application
versions
and
they
may
change
the
way
they
they
sign
and
generate
the
checksums
over
time.
H
H
One
of
the
questions
that
I
have
not
been
able
to
get
a
good
answer
on
is:
what's
the
level
of
permission,
that's
needed
for
a
client
to
modify
the
extended
attributes
on
the
server
and
do
we
need
to
add
a
new
error
code
to
the
end
of
his
protocol.
That
says,
there's
an
integrity.
Failure
on
the
server
I
can
stop
here
for
a
moment.
Any
any
opinions
comments.
H
M
C
The
only
question
abroad
I
was
trying
to
think
about.
It
is
when
the
file
is
local
and
because
it's
the
attribute
and
is
moved
to
the
NFS.
Would
that
impact
the
Europe,
because
you
only
move
it,
you
may
lose
some
of
the
characteristics.
So
the
question
is:
is
this
going
to
address
that
because
I
think
that's
a
use
case
that
could
happen
the.
H
B
H
H
A
generic
error
code
it
could
be
used
for
other
purposes.
For
example,
as
long
as
the
client
says,
I
support
integrity
checking.
Then
the
server
is
allowed
to
return
that
code
and
I
could
return
it.
For
other
reasons,
like
oh
yeah
I
couldn't
read
that
because
the
parity
is
bad
on
the
raid
or
something
like
that.
N
D
N
F
H
H
A
H
A
H
B
N
After
after
confirming
a
decision,
did
the
sense
of
the
room
here
on
the
list
that
should
be
working
group
doctor,
then
thence
measures,
workgroup
doc,
I
wanna,
make
sure
I
understand
the
maintainability.
This
it
sounds
like
from
an
NFS
protocol
point
of
view.
The
new
attributes
contents
are
opaque
because
the
IMA
and
the
software
vendor
are
in
cahoots.
If
and
NFS
doesn't
understand,
what's
going
on
and
doesn't
need
to.
Okay,
the.
H
B
N
F
H
N
It's
go
ahead.
Let's
see
it's
gonna
have
to
be
left
to
somebody
else,
because
when
the
works,
the
way
it
does
in
the
local
case,
I
think
is
the
crucial
to
me
is.
It
reaches
a
crucial
argument
that
takes
this
out
of
the
scope
of
what
NFS
cares
about.
The
other
thing.
I'll
note
is
yeah
that
proper
level
permission
question
is
a
biggie
keep
asking
because
there's
a
denial
service
attack
there.
A
F
A
H
A
M
H
A
H
I'm
not
sure
this
is
really
super.
Interesting.
Probably
the
rest
of
the
talk
wasn't
really
super
interesting,
but
there's
a
lot
more
to
ima
than
just
file
content
and
there's
a
whole
section
of
it.
That
I
did
not
try
to
propose
or
implement
around
protecting
the
attributes,
file,
attributes
and
that
would
include
Ackles
and
access
control,
likes
mac,
attributes,
file
capabilities
and
a
few
other
things.
H
I've
I've
asked
the
question
in
the
linux
integrity
community,
whether
that
feature
that
part
of
the
IMA
is
necessary
before
we
can
demonstrate
whether
NFS
with
IMA
is
useful
or
effective,
and
they
seem
to
think
that
we
don't
need
EVM
for
that.
So
we
can
skip
the
attribute
verification
for
now
and
there's
a
lot
of
problems
around
that,
of
course,
because
every
operating
system
has
a
different
way
of
representing
these.
These
attributes
and
there's
no
standard
implementation
of
file
capabilities
either.
H
A
And
I
I
would
prefer
not
expanding
the
work
now.
Okay,
yeah
that
definitely
we're.
A
K
A
C
M
L
A
F
F
F
Working
class
last
called
there's
no
point
in
publishing
that
as
an
RFC,
so
it
is
done.
There's
no
RFC,
the
other
one
that
was
achieved
is
before
to
know
trunking
discovery
with
Chuck
got
through
the
RFC
that
has
done
through
ask
G,
as
that
is
RFC
85-87
and
his
posted
frozenness,
so
I
two
other
very
eight
milestones
are
done
now
on
the
next
slide.
B
F
You
right
anyway,
all
right.
So
now
the
remaining
ones
we
have.
These
are
the
four
where
we
haven't
achieved
them
and
the
target
state
is
in
the
past.
So
that
is
a
total
of
four
milestones
so
nvme
for
PN
FS,
which
is
still
interested
in
within
the
working
group.
But
it's
that
I'll
talk
about
later.
But
it's
the
target
was
a
long
time
ago.
Let's
say
over
a
year
ago
and
it's
clear:
that's
not
going
to
done.
We
don't
know
who
we
want
to
figure
out
what
do
about
that
now.
F
Trunking
discovery
and
transparent
state
migration,
sort
of
all
and
talked
about
in
previous
talk.
Those
two
milestones
are
one
document
and
the
target
was
March
2019.
We
had
to
always
go
around
to
the
ISD
and
I'm,
hoping
that
we'll
go,
go
to
work
and
grew
last
call
and
get
the
hope,
I
hope
since
I've,
given
the
III
as
chief.
What
they're
asking
for
I
hope
that
we'll
be
okay
with
that
and
I'm
hoping
for
October
2000,
and
that
has
been
discussed
elsewhere
and
see
a
private
date
that
original
target
was
was
June
of
this
year.
F
But
there
were
some
issues
with
with
again
the
document
think
and
started
with
the
with
the
write-up
and
I
think
it's
Chuck
said
it
was
now
an
iced
tea.
I
think
it
does
have
to
go
to
an
air-to-air
agent
review,
but
in
any
case
I
think
I
expected
to
be
done
by
to
be
reached
by
September
2019,
so
Chuck.
F
That's
it
I,
think
I
think.
Oh
all
righty,
all
right
Spencer
did
move
it
too,
but
he
did
not
actually
produce
the
consensus.
So
it's
waiting
for
consensus
that
needs
consensus,
right,
right,
up
ad
review
and
then
go
to
the
s
G
and
we're
hope
that
all
gets
done
by
by
September.
Okay,
that's
the
end
of
those
slides.
Then
we
also
have
a
few
slides,
which.
F
All
right,
I,
already
made
layout
for
being
a
mess.
I
have
separate
slides
for
that.
That
is
that
we
have
a
target
date
of
September.
That's
probably
not
not
achievable,
and
this
will
discuss
that
later
and
the
RPC
over
are
debating.
Chuck's
already
talked
about
that
the
target
date
is
December.
I.
Think
Chuck
has
to
make
a
decision,
whether
that's
that's
achievable
or
it
needs
to
be
adjusted,
I,
don't
know
what
probably
all
right,
I
think
that's
a
good
guess,
but
we
need
a
new
guest
from
you.
N
F
F
We
need
an
owner,
who's,
gonna
drive
it
a
target
date,
a
preliminary
document
which
could
be
an
individual
draft,
but
has
to
be
an
individual
draft
where
we
think
it's
conceivable,
that
will
become
a
working
group
draft
and
it
has
to
be
working,
and
part
of
that
is
important
group
interest,
and
we
should.
This
is
a
two
year
go
to
your
window.
F
Let's
have
a
target
date
before
hours
of
2021
way
off
then,
okay,
anyway,
some
possibilities
well
we're
both
some
men
mentioned
integrity
measurement
is
one
thing,
might
get
an
RPC
TLS,
some
future
working
group.
The
mate
may
may
may
get
milestones
like
RFC.
Fifty
sixty
one
this
which
I'm
going
to
talk
about,
may
be
Chuck's.
Men
mentioned
the
NFS
focus
security
related
document,
but
that
is
not
it's
not
far
enough
along.
P
F
Would
that
might
be
a
milestone,
but
that
might
in
the
future,
its
nebulous
RPC
over
already
made
version
to
I.
Guess
that
also,
actually
is
the
current
milestone.
I
make
a
lot
made
a
last
past.
This
is
said:
oh
gee,
I'd
missed
slides
two
weeks
ago
and
I'd
look
at
them
and
that's
wrong.
So
that's
already
in
last
master,
so
possibilities
I,
think
draft
CEO
and
efficient
for
SEC
level.
Extensions,
okay,
no,
no,
there's
a
sense,
Tom's
dead,
end.
Okay,
all
right
Tom's
document
meant
they
might
eventually
turn
into
something
that
might
have
a
Tata.
B
F
F
C
L
H
J
So
I
mean
if
this
document
I've
been
submitted
right
there
founder,
the
PCP
is
78
copyright,
etc.
We
have
anyone,
has
right
to
do
derivative
work
based
on
that
text.
So
that's
the
formality
of
it
at
least
so,
but
yeah
I
mean
we
it's
it's
nice
to
ask
this,
or
at
least
informed
that
we
intend
to
make
it
go
forward.
Yeah.
A
And
that's
that's
my
I
think.
That's
what
Spencer
probably
meant
Spencer
text
me.
If
you
disagree
hey!
No,
so
let
me
reach
out
to
Kristoff,
if
you
don't
mind
and
find
out
what
what
he,
what
he's
doing
here,
I'm
wondering
if
he
just
basically
that
the
people
that
he
was
working
with
is
are
no
longer
interested
in
those
parts.
F
C
C
Q
C
Q
F
C
A
L
Q
R
F
As
possibility
of
going
forward
that
all
right
so
then
we
had
another
similar
situation,
although
it's
farther
long,
it
hasn't
expired.
Yet
the
the
target
is
still
in
the
future,
but
it's
clearly
unrealizable,
there's
no
active
document.
That's
expired.
There's
been
some
prototyping
work
based
on
the
original
expired
document.
F
F
H
Libre
Oracle
I
think
where
we
left
this
technically,
is
that
there's
an
architectural
problem
that
needs
to
be
resolved
at
the
transport
level
and
perhaps
machine
authentication
in
in
the
RPC
or
our
team.
A
transport
may
resolve
it,
but
the
issue
is
that
when
the
client
reaches
out
to
an
RDM,
a
data
server,
there's
no
authentication
that
that
client
has
permission
to
get
to
those
to
get
to
the
to
the
layouts
and
and
it's
it's
accessing
those
layouts
via
raw
RDMA
and
there's
no
authentication
in
that.
So
that's
the
problem
that
we
need
to
solve.
H
C
C
F
F
F
H
F
F
Could
look
at
the
general
architecture?
Chuck
doesn't
have
any
time
to
write
it
up,
but
may
some
maybe
we
discuss
this.
Maybe
there
is
a
way
around
this
architecture
problem,
but
it
is
something
it
seems
like
something
we'll
wanted
to
address
in
the
future.
Given
that
we
have
you
know
given
if
there's
more
interest
in
our
to
made
the
idea
of
to
an
argument
lie,
it
was
always
a
good
one.
It's
just!
F
We
have
this
big,
solid,
authentic
problem
and
your
point,
maybe
once
we
get
more
complicated,
more
more
more
comfortable
with
the
idea
of
machine
authentication,
maybe
there's
some
in
there
but
I
guess
how
you
get
to
from
there
to
Road
to
game
or
are
you
me
I,
don't
know
how
we're
gonna
make
that
transition
all
right,
I!
Think!
That's
it
for
me,
I
think,
actually,
on
the
next
one,
I'm
not
sure.
F
We
finally
got
a
BIST
document
for
before
that,
oh
and
I
think
now
for
reasons
I'm
Greta.
We
reaching
the
question
of
why
I
want
one
for
before
that,
one,
despite
the
fact
that
Tom
thinks
I'm
crazy,
even
though
he's
not
licensed
to
practice
medicine
anywhere
all
right
as
a
doctor,
though,
you
got
but
he's
never
served
a
psych,
your
psychiatric
residency
anywhere
anyway
right.
F
It's
a
gerald
idea
as
I
found
dealing
with
the
ICG
one
document
describing
a
minor
version,
the
real
problem
for
readers.
There
are
multiple
documents
on
the
same
subject
which
might
or
might
not
contradict
one
another.
The
eyes
genes
made
it
clear
to
me:
they
see
the
in
various
ways
not
only
to
me,
but
there
are
some
issues
with
lots
of
not
only
this
group
but
other
groups,
updating
documents
and
G
where
the
hell
are.
F
We,
which
is
the
document
that
describes
this
so
RFC
5061,
is
building
up
a
set
of
updates,
of
which
I've
contributed
to
other
people
have
and
but
there's
other
ones
there
needed
that
have
been
deferred
for
for
a
while.
So
I
think
that
I
think
the
work
group
needs
to
address
the
situation
group
for
that
one
I
have
a
proposal.
How
I
might
go
about
doing
so,
and
the
work
group
has
to
decide
one
first
day
and
had
an
end
whether
it
do
this
so
I'll
be
talking
about
all
right.
F
So
the
we
have
some
update
updates
there
are
in
the
process
proving
4.11
is
the
Tom
amazing,
updated
RFC
v
61
with
RFC
84
34,
with
some
changes
that
he
said
needed
made
to
section.
12
and
I
have
I
previously
talked
about
the
large
set
of
updates
in
draft
I.
Atf
NFS
before
RFC
physicist,
says
sweet,
so
those
two
are
may
just
enough
to
make
a
Mista,
but
then
we
have
some
other
things
in
5061.
Internationalization
is
wrong.
Yes,
we
have.
It
was
when
they
wrote
through.
This
is
the
one
they
took.
F
The
in
nationalism
was
RC
35
30,
which
was
wrong.
Nobody
ever
implemented
that,
and
so
we
needed
a
new
internationalisation
and
needs
a
new
security
consideration.
Section
of
the
work
the
chuck
has
talked
about
gives
us
a
possibility
of
having
reasonable
security
that
people
will
actually
be
able
to
implement
and
I
think
we
needed
put
that
to
reference
that
work
in
an
RFC,
5061
Biss
and
having
new
security
considerations
section
right
now.
Let's
talk
about
the
existing.
F
On
what
a
mess
that
is,
it
should
have
been
a
required,
but
it
wasn't
we
got
by
luckily
well,
it's
luckily,
because
if
we've
been
assisted
on
it
at
that
time,
there
would
be
no
NFS
before.
If
they
said
yeah,
you
must
do
a
secure,
I.
Think
I,
don't
think
we
were
up
to
it
and
beyond
them.
Guess
we
didn't
have
that
made.
It
was
made
as
to
easiest
for
hand
wave
away
serious,
serious
issue
since
general
general
field.
We
had
oh
yeah
well,
most
time,
it's
used.
In
fact
it's
true.
F
It's
used
on
local
networks
and
people
who
some
assuming
that
that
fact
mean
meant
that
you
didn't
have
to
really
worry
about
Sookie,
but
you
do
and
as
well.
We
have
poor
security.
Rayne
edifice
before
Austin
use
was
optional
and
some
hand
waving
about
about
that.
But
really
it's
used.
It's
not
only
optional.
It's
used
in
the
clear
without
clarification,
there's
no
security,
it's
really
totally
unsecured.
Also,
even
if
you've
not
using
Austin,
you
have
privacy
integrity.
F
One
way
is
basic
model
is
that
you
do
some
initial
things,
presumably
without
all
that
without
integrity,
privacy,
and
then
you
find
out,
as
you
cross
into
various
various
facets.
You
find
out
whether
that
fastest
in
group
was,
but
that
means
it's.
That
means
that
certain
things
are
done
in
the
clear
and
you
can't
get
rid
of
them
in
the
protocol
and
also
with
Chuck
reference.
This
is
difficult
and
offloading
that
that
security
work,
because
different
keys,
keys,
I
used
a
different
route
and
I
think
in
the
architecture
checks
working
on
you
have
the
same.
F
You
the
same
key
on
each
session,
it's
easier
to
offload
and
the
other
important
thing,
because
the
for
those
problems,
the
actual
use
of
integrity
of
prophecy,
is
very,
very
small.
Very
few
people,
not
many
people
to
use,
associate
uses
RPC,
sexy
SS
and
the
amount
of
use
of
integrity
of
prophecy
is
bouncing
and
small.
F
F
So
I
think
we
need
to
when,
as
when
Chuck
view
gives
me
a
target
date,
I'll
have
it
I'll
be
able
to
think
about
a
target
date
beyond
that,
because
I
think
they'll
say
later
that
you
have
to
reference
that
work
to
make
it
a
major
advance
in
NFS
security.
So
the
important
things
are
things
that
you
are
had
mentioned.
The
Crimson
support,
I
added
all
the
messages.
It's
not
a
I.
Think
in
your
document,
talk
about
pieces
of
the
header
is
not
being
predicted,
but
it's
also.
F
There
are
messages
that
not
protected
at
all
and
they're
they're
significant
and
the
other
thing
is
even
though
people
might
wish
that
some
people
might
wish
it
off.
This
is
not
going
away
and
we
have
to
make.
We
have
to
do
something
as
Chuck
did
to
make
that
use
of
our
system,
and
that
gives
us
the
opportunity
right,
an
honest
security
consider
it,
which
does
not
say
gee.
This
is
too
insecure
to
use
on
the
Internet
and
lots
of
other
places.
I
don't
want
to
say
that
I
don't
want
to
one
be
around
the
bush.
F
We
want
to
write
a
reasonable
security.
Consider
session,
which
says
this
is
secure,
and
that
means
we
have
to
make
the
check
the
changes
that
checklist
are
talked
about.
It's
good
that
he's
gone
through
security
directed
through
the
security
director
review
and
I
think
the
mess
to
say
well
now
is
this
good,
but
is
this
good
press
basis
for
an
official
for
security
going
forward
sister?
We
can
be
more
relaxed
about
about
this,
that,
yes,
we
do
not
have
a
security
nightmare
in
the
offing.
F
F
I've
looked
at
what's
necessary
to
revise
the
back
document,
so
that
does
not
assume
that's
make
than
every.
When
a
50
system
one
was
written,
it
was
assumed
that
every
version
would
make
its
own
set
of
versioning
rules,
and
that's
no
longer
the
case
that
that
one
has
to
be
update
at
that
point.
I
would
have
enough
to
produce
an
in
an
in
an
individual
draft
at
that
point
and
at
that
point
who
the
were
true
consider
whether
to
adapt
that
as
a
workgroup
document
and
if
there
were
did,
was
available
to
do
that.
F
F
Rule
end
up
debts
and
that
I'm
gonna
I'll
do
a
lot
of
the
work
in
56,
but
I
need
to
normative
reference
Chuck's
document
and
they
have
to
be
they
don't
have
to
be.
They
have
to
be
at
least
there's.
Probably
the
time
to
do
this
is
probably
at
least
have
been
working
group
does
not
have
to
be
published
as
an
RFC,
but
we
have
to
be.
F
They
have
to
have
assumed
their
final
four
and
then
in
the
working
group
will
have
to
look
at
about
errata
issues,
but
at
that
point
I
think
we
have
so
I.
Think,
oh,
no,
that's
at
least
you're
out,
but
that
depends
on
but
I
think
that's
something.
That's
doable
we're
group
s
to
decide
whether
it
do
this
all
right.
F
Now,
let's
think
about
the
fourth
of
the
documents.
One
is
number
of
cases
we
just
contradict
the
base
say
hey.
This
document
updates
RFC
fifty
sixty
one
because
it
says
something
different
and
let
the
reader
figured
it
out.
That's
not
good,
but
we've
done
that.
Wait
for
34
it
not
did
not
get
any
pushback.
F
The
other
thing
was
that
we
tried
to
do
is
explicitly
tell
users
what
has
changed
that
we
did
in
85
87
Chuck
cut,
got
by
with
that
and
at
the
conclusion
that
we
reached
is
that
crude
done
for
small
updates
and
and
we've
also
done
a
BIST
document,
lee
75
31.
So
we
have
to
consider
the
eyes
team
tolerance
for
style
to
updates
has
become
more
limited
and
it
has,
as
we
said,
limited
to
smaller
updates,
and
we
hope
that
the
review
of
style,
3
updates
will
be
will
be
easier.
F
F
J
Yeah
I
I
mean
to
clarify
something,
and-
and
it's
is
that
I
mean
what
I
think
is
you
sees-
is
that
when
you
do
these
updates
or
lift
the
protocol
to
division,
something
that
you
should
create
sets
of
documents?
That's
this
is
all
the
same
maturity
level
together
they
fit
together
and
that
defines
the
protocol
that
doesn't
need
to
be
one
document
and
I
think
there's
actually
stuff.
You
need
to
think
about
this.
Actually.
J
Can
you
split
this
six
seven
hundred
monster
you
have
into
a
set
of
modules,
which
is
the
whole
set
of
documents,
is
the
4.1
specification,
because
that
will
make
it
easy
for
everyone
to
review
etcetera
and
actually,
if
you
continue
working
future,
it
might
be
just
okay.
This
is
because
you
may
be
only
touching
one
module.
You
can
update
one
particular
part
of
it,
so.
B
Magnus,
this
is
something
we
had
thought
about
trying
to
do
in
the
past.
That
was
my
recommendation.
After
doing
the
the
the
for
Dobis
you,
you
do
not
want
to
do
a
six
under
page
document
this,
because
for
one
thing
the
previous
changes
were
made
by
Gareth
G
after
you've
done
with
your
edits,
so
you
have
to
go
track
those
down,
and
that
took
me
like
six
months
to
go,
find
a
be.
I
N
They're,
dark
I
think
you
need
to
do
some
version
of
three
trying
to
do.
Incremental
updates
works
when
you're
dealing
with
contained
feature
function,
I,
see
a
plan
here
to
completely
replace
internationalization
and
completely
replace
a
security
consideration
section
along
with
a
pile
of
security
functionality
and
incrementally
is
not
gonna
work
well
for
those
I
think
I
think
you
need
need
to
plan
on
all
sales
placement
modular
if
possible.
So.
B
David
timings
again,
one
of
the
things
we
found
with
that
was
when
we
updated
the
security
module
or
the
internationalization
for
the
4.1
I
mean
for
the
4.0
and
we'd
already
come
out
with
a
4.1.
We
had
to
go
update
them
both
right
and
so
they
they
they,
even
though
they
were
major
versions,
it
turned
out.
We
always
wanted
the
security
considerations
to
be
in
sync,
and
we
always
wanted
the
internationalization
to
be
in
sync.
N
F
So
the
problem
is,
when
you
point
out,
we
have
a
number
we
have
before
now
is
one
product
before
the
one
is
a
different
protocol,
but
there
are
two
pieces
like
internationalization
security
considerations
which
you
set,
and
we
would
have
to
really
revise
the
whole
philosophy
say
that
be
some
before.
No,
that
are
not
version
specific,
but
that's
very
difficult
to
do.
N
N
N
N
B
C
F
A
That
okay,
so
so
we
have
a
proposal,
I've
been
to
write
it
down.
I
do
want
to
talk
to
Tom
about
this
and
also
talk
to
Magnus
about
this
also
sure
on
our
pro
before
we
before
we
start
doing
anything
to
clean
this
up,
I
want
to
make
sure
we
do
something
that
will
pass
muster
through
the
ietf
okay,
but
I
also
want
to
also
very
much
want
to
minimize
work
at
this
point
on
this
on
this
stuff.
A
H
Chuckling
Oracle:
this
is
slightly
different
topic,
but
one
item
I
didn't
see
on
the
previous
slides
about
what
needs
to
go
in
Stockman
is
I.
Think
we
need
to
consider
what
has
not
been
implemented
in
the
end
of
us
before
point.
One
implementations
today
and
look
at
ways
that
that
can
be
those
items
can
be
excised
from
the
new
specification
you're.
H
H
J
A
We
removing
unused
features
from
a
document
is
what
we
spend
on
the
document,
but
is
a.
It
is
a.
How
do
I
say
this?
It's
a
it's
a
it's
a
simple
edit
I.
If,
if
we
like
what
I
think
I'm
I
don't
want
to
open
up
a
removal
use
features
to
the
document
and
then
adding
new
text
creating
a
gigantic
editing,
review
cycle:
okay,
okay,
yeah,
that's
I
mean
yeah
and
I.
J
A
J
A
F
You,
as
you
think,
but
anyway,
I
think.
That's
that's
that
I
think
it's
pretty
clear
here.
We
are
gonna.
Do
this,
we
could
do
something
with
abyss
document
and
so
I
think
we'll
follow
I'll
come
out
with
you
know,
assuming
that
sets
Creek
good
slow
gets
done,
then
I
will
come
out
and
come
out
with
the
the
individual
draft
and
then
we'll
figure
out
at
that
point
a
decision
about
what
what
tech
steps?
Okay.
S
S
S
F
Yeah,
because
you
mentioned
the
idea
of
security
about
and
the
tons
of
yeah,
maybe
we
should
do
that
from
before
doubt
at
same
time.
So
that's
good,
maybe
we'll
discuss
I.
Think
I
summarized
this.
This
discard
make
an
alternate
proposal,
because
the
proposal
I
made
here
is
probably
not
valid
because
of
what
time.
So
our
awesome
is
available
list:
okay,
okay,
yeah.
C
A
J
I
B
O
C
I'm
trying
to
add
some
new
stuff
in
the
NFS
protocol
related
to
the
current
state
of
the
storage,
where
everybody's
running
around
in
circles
to
increase
data
reduction
in
order
to
make
storage
cheaper,
because
the
media
is
very
expensive.
The
flash
media
that
it's
used
and
also
the
new
media
can
use
memory,
so
it
can
change
the
entire
mechanics
of
the
server
doing
data
reduction.
So
I
you
I'm
gonna,
look
at
two
use
cases.
C
One
use
the
normal
scales
with
nfsv4
to
which
assume
that
there
is
access
to
the
external
attributes
of
the
file
if
the
goods
are
still
supported,
and
then
the
back
end
identified
the
file
system
block,
which
is
part
of
the
specific
file,
and
then
it
applies
data
reduction.
According
to
that
that's
the
simpler
case.
The
second
case
would
be
also
interested
because
we
nvme
is
big,
is
also
very
important
media
and
there
is
a
Gaussian
via
me
protocol
that
Christoph,
introduced
and
I
think
it's.
C
The
motivation
is
that
you
know
the
external
attribute.
If
they
would
be
possible
to
be
used,
it
would
be
a
easy
way
to
add
new
function
and
also,
we
can
add
in
principally
two
parameters,
so
it
could
be
little
bit
more
than
you
can
use
on
a
park,
but
it
could
be
easier
if
you
can
enlist
and
attributes
now.
What's
missing?
Is
the
user
information
little
data
reduction
that
arrays
cannot
now
and
to
explain
attributes
we
can
come
communicate
to
the
engine
that
does
the
data
reduction.
C
There
is
a
lot
of
data
from
analysts
regarding
typical
data
reduction
for
typical
types
of
file
and
objects,
and
that's
in
its
good,
because
it
can
be
really
known
to
the
application
to
the
user
and
application.
So
user
can
add
these
attributes
or
by
just
by
the
extension,
that
data
that
explains
the
quality
of
data
reduction
for
different
compression
duplication
for
different
types
of
file,
like
you
know,
JPEG
files
and
all
kind
of
files
that
they
through
the
extension
there
is
a
list
of
potential
data
reduction.
C
So
this
will
help
that
you
know
in
a
sense
that,
for
example,
if
the
data
is
not
compressible
not
in
the
pool
at
all,
because
it's
already
very
much
compressed,
it
will
increase
the
to
improve
the
performance
of
the
server,
because
it
won't
do
work
that
it's
a
throw
away.
So
and
we
are
thinking
the
most
important
case
will
be
the
nvme
case,
because
the
media
is
expensive
and
the
result,
or
already
a
lot
of
servers,
NFS
server,
simile
that
have
support
and
GME
and
they
sell
in
here
me
so
I
think.
C
That's
that's
why
I
went
back
to
the
protocol
that
Christophe
started
and
I
think
it
has
value
it
has
married
again.
I
cannot
ask
her
stuff
to
continue
so,
as
I
said,
I
am
interested
to
take
over
whatever
find
a
way
to
use
it
and
I
hope
that
the
fact
that
it
was
expired
doesn't
make
a
difference
and
again
I
would
like
to
see
if
we
can
approach
Christophe
at
least
to
ask
to
see
if
he
is
interested
or
not.
But
if
not
I
am
interested.
C
So
what
we
need.
We
need
a
way
to
communicate
data
reduction
characteristics
for
a
client
to
server
either,
because
the
extension
of
the
file
will
tell
us
what
type
of
file
is
all
by.
There
is
a
way
because
files
that
are
impact,
for
example,
other
videos.
They
have
some
metadata
in
the
file
itself,
which
the
user
can
read
and
transfer
to
the
as
an
attribute,
and
by
that
enable
the
all
the
types
the
files
are
same
type
to
have
a
specific
type
of
data
reduction.
C
Again.
These
are
something
samples
from
analysts
now
I
understand.
The
problem
with
the
extent
attribute
I
thought
that
maybe
it
could
be
acceptable
but
I
in
light
of
what
we
discussed
before
I
think
that's
a
problem,
because
if
people,
if
it's
there's
no
implementation,
why
should
they
be
a
new
implementation
for
the
reduction
attributes?
It's
questionable
what
I
would
follow
the
consensus
and
I
think
that
that's
something
that
there
are
ways,
for
example,
for
a
simplified
model
using
just
normal
attributes
but
I'm.
C
C
So
this
is
some
proposal
in
principle.
I
didn't
I
strategy
to
write
the
protocol,
but
I
stopped
because
David
was
he's
right.
He
was
right.
First,
let's
see
if
it's
interest
and
if
we
want
to
move
on
with
this
either
as
a
private
or
working
group.
I
don't
know,
but
those
are
some
ideas.
It's
not
necessarily
a
solution.
C
B
Tom
Hanks
hammer
specs,
so
I
think
some
things
you
need
to
pull
out
here,
one
that
I
heard
here
that
I
didn't
hear
in
reading
the
draft
or
earlier
is
that
you
are
saying
the
TR
attributes
are
user-defined
right.
Yes,
so
you
need
to
make
that
point,
because
that
points
out
why
you
need
extended
attributes
and
not
satyrs
yeah.
B
I'm
just
I'm
just
trying
to
say
that's
an
in
consideration
for
why
you
do
not
want
patters
is
because
you
have
to
let
the
users
define
them
yeah
and
but
even
if
you,
sixth
at
Exeter,
so
you
have
to
define
how
the
the
server
and
the
client
understand
that
this
X
adder
you
call
alpha
means
the
same
thing
for
both
of
them.
Yes,.
B
C
Yeah,
so
that's
one
thing
that
I
consider
by
the
way,
but
I
needed
some
consensus,
because
that
you
know
there's
a
certain
point
where
I
want
to
be
sure
that
I'm
going
the
right
task,
so
it
can
be
becoming
a
work,
a
good,
proper
document.
That's
all
that's
my
goal.
Currently
I
can
keep
it
private
for
a
while,
let's
say
one
two
revisions,
but
if
there's
no
interest
then
I
will
you
know
it's
from
my
perspective?
C
It's
kind
of
I
want
to
make
a
you
know,
promote
promotion
of
this
data
reduction
area,
so
I
have
out
the
others.
Ideas
also
related
to
this.
The
fact
that
currently
the
host
could
be
the
client
could
be
like
a
client
that
could
be
in
the
cloud.
So
that's
another
thing
that
okay,
so
the
question
you
should
become
a
working
group.
My
question
is
simpler.
First
of
all,
do
you
think
it
has?
C
B
C
Have
to
understand,
I
wasn't
active
for
about
eight
years,
and
this
groups
I
forgot
so
I
had
to
bring
something
at
least
to
know
that
it's
it's
of
interest.
You
know
I
I'm
busy,
let's
say
I'm,
not
I,
don't
have
spare
time
not
to
do
it,
but
I
think
it's
important
so,
especially
that
the
media
is
getting
it's
expensive
and
it's
not
gonna
get
so
cheap
ever
so
and
sure
yeah.
C
I
agree
with
that,
in
fact,
in
fact,
the
use
case
first
use
case
is
the
most
important
that
I
want
to
address.
But
you
know
it's
because
the
the
PMF
s
could
have
a
value
also
for
nvme
I
thought
to
mention
this.
So
I
will
do
this.
I
will
move
that
one
further,
maybe
independently
of
this
and
then
when
it's
yeah
so
lucky.
So
when
it's
ready,
maybe
you
will
match
both
and
will
make
them
I,
don't
know,
that's
something
that
I.
H
H
H
C
C
C
C
B
B
B
So
what
my
model
is
when
we
have,
for
example,
Echo
food,
a
bar.
We
have
an
open
layout,
get
it
goes
to
the
MDS
we
have
to
get
device
info
goes
the
MDS.
We
have
a
right
of
three
bytes
which
goes
to
the
DF
and
then
when
we
start
to
close
the
file
with
a
layout
return
set
at
or
deleg
return
and
get
adder
well.
B
The
adder
caching
that
we
introduced
in
the
earlier
version
doesn't
help
us
because
it
only
provides
the
end
time
in
the
a
time
of
the
metadata
file
not
of
the
data
file,
and
we
still
have
to
go.
Compare
what
the
instance
file
has,
and
so
we
notice
that
the
right
has
week
cache
consistency
when
it's
b3
and
what
we
would
do
is
introduce
a
new
operation
layout.
B
We
cache
consistency
which
sends
that
information
back
to
the
MDS,
and
it
removes
the
need
for
the
get
adder
the
other
operations
layout
return
layout,
commit
don't
provide
this
ability
to
do
week,
cache
consistency
and
also
it's
the
quickest
way.
I
know
to
get
this
new
operation
in
I'm
being
honest.
I'm
being
bluntly,
honest,
it's
really
fast
for
me
to
get
draft.
B
A
You
get
that
I'm
recording
okay,
so
that's
it!
There's
no
opportunity
for
wrap-up
I
AB.
The
minutes
I'll
be
posting!
Those
through
our
website.
If
you
haven't
signed
the
blue
sheet,
sign
it
if
you
just
walked
in
the
room
for
some
other
meeting,
feel
free
to
sign
the
blue
sheet.
Anyway,
thanks
guys
have
a
great
conference.