RFC 2755 (rfc2755) - Page 2 of 12

Security Negotiation for WebNFS

Alternative Format: Original Text Document

RFC 2755            Security Negotiation for WebNFS         January 2000

1. Introduction

   The MOUNT protocol is used by an NFS client to obtain the necessary
   filehandle for data access.  MOUNT versions 1 and 2 [RFC 1094] return
   NFS version 2 filehandles, whereas MOUNT version 3 [RFC 1813] returns
   NFS version 3 filehandles.

   Among the existing versions of the MOUNT protocol, only the MOUNT v3
   provides an RPC procedure (MOUNTPROC3_MNT) which facilitates security
   negotiation between an NFS v3 client and an NSF v3 server.  When this
   RPC procedure succeeds (MNT3_OK) the server returns to the client an
   array of security mechanisms it supports for the specified pathname,
   in addition to an NFS v3 filehandle.

   A security mechanism referred to in this document is a generalized
   security flavor which can be an RPC authentication flavor [RFC 1831]
   or a security flavor referred to in the RPCSEC_GSS protocol
   [RFC 2203]. A security mechanism is represented as a four-octet

   No RPC procedures are available for security negotiation in versions
   1 or 2 of the MOUNT protocol.

   The NFS mount command provides a "sec=" option for an NFS client to
   specify the desired security mechanism to use for NFS transactions.
   If this mount option is not specified, the default action is to use
   the default security mechanism over NFS v2 mounts, or to negotiate a
   security mechanism via the MOUNTPROC3_MNT procedure of MOUNT v3 and
   use it over NFS v3 mounts.  In the latter, the client picks the first
   security mechanism in the array returned from the server that is also
   supported on the client.

   As specified in RFC 2054, a WebNFS client first assumes that the
   server supports WebNFS and uses the publsc filehandle as the initial
   filehandle for data access, eliminating the need for the MOUNT
   protocol.  The WebNFS client falls back to MOUNT if the server does
   not support WebNFS.

   Since a WebNFS client does not use MOUNT initially, the
   MOUNTPROC3_MNT procedure of MOUNT v3 is not available for security
   negotiation until the WebNFS client falls back to MOUNT.  A viable
   protocol needs to be devised for the WebNFS client to negotiate
   security mechanisms with the server in the absence of the
   MOUNTPROC3_MNT procedure.

Chiu, et al.                 Informational