Received: by 2002:ad5:4acb:0:0:0:0:0 with SMTP id n11csp690432imw; Wed, 13 Jul 2022 06:23:27 -0700 (PDT) X-Google-Smtp-Source: AGRyM1ubXYC2OG3QasVUbdZaqNob5puBnLeShus0DYlfdfBmMH3WGedD60wasaekYtUQOMHev+a4 X-Received: by 2002:a17:906:58c7:b0:722:f4bf:cb75 with SMTP id e7-20020a17090658c700b00722f4bfcb75mr3476550ejs.450.1657718606991; Wed, 13 Jul 2022 06:23:26 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1657718606; cv=none; d=google.com; s=arc-20160816; b=mc+npwCQddrlL+XBcpX81cvHLVTzQlimJQmnVEd6IukKQbGaKvyYkuJFdptjzIZQfi 5ihLTuNOPTiBZZQ81a8mgUOBbTkCjMurd428RecZ45JWHUMzPq2s3M/5QiTaK/pkhL5K ggfv2xXkEHZ/sc/cfmbYQjJi01rH9zuyYllZYZ8ZIf41Wzyt7GAOFOVlX17+L31JyULV hnSDPBxX3+faikBigq7ppXqt3fC86rQG5NVIYbh04+nNkCwa4bbGutWWBZpJASE81anN I9KDQilaee7MmDP2AdtCs0R9uMVJRSBbWc8kjgARwy3gjWJZih7QHHoYAe5f+OGgwImu /F9w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=F/+E1ECi0puEBFInlLKBbyX4jpamV3J0oFs83DRhKdQ=; b=BeFddjh5J9av8RJu5GYOFkj+GRLufq/QCwowkXei8JIAlo6HDYT76yAnMmH4BGOxDn VFfMTrsDcnzP0zYNgKuE8YyrwhpB6JJq9/KJFtWYrH+UqWvz9/nrL+hBppC0f3uvtW0v sLC13lI7ZVau8zpgOoBajI89q23N20U8Nbvvt+Jk82QuYzzunw8x0CTttZYbR4jvyXR4 Rv5TqdVrfJmylrwM38Bo/kQ2v9vXWYWrZS6St+9FX4zNbibauOhi1Z69EIiBBa13B0Nr OkCHw0hf3ZgCFuu2XAmhMhilpzymEnH0IBi0TnxB1QJG/4MYWS6Ula8BCmwrKWvvhBvG fRkQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=G9H69o8a; spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id og43-20020a1709071deb00b0072b141427a2si15596778ejc.729.2022.07.13.06.22.53; Wed, 13 Jul 2022 06:23:26 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=G9H69o8a; spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230048AbiGMNWs (ORCPT + 99 others); Wed, 13 Jul 2022 09:22:48 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48168 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229968AbiGMNWs (ORCPT ); Wed, 13 Jul 2022 09:22:48 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 4EFB8B4AE for ; Wed, 13 Jul 2022 06:22:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1657718566; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=F/+E1ECi0puEBFInlLKBbyX4jpamV3J0oFs83DRhKdQ=; b=G9H69o8aas1M9Psf3yfmHRqvWGgbeoM76IxN/Zv55yHQp6tMvHx3TUAWkl7C9CRkRNsd2w pvikxyz3lkkda/lob/sxBa5rbSKg3MrVl8+Bf6hpzkwSloGCM5SPl9tLizJ45fzr7yWV54 yP1FFTudpZNM7BK6VzDs5a7gE1mzW/Y= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-363-HqEJF0RjNO-p8TOFhIgt1A-1; Wed, 13 Jul 2022 09:22:41 -0400 X-MC-Unique: HqEJF0RjNO-p8TOFhIgt1A-1 Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com [10.11.54.9]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 2E70D101A586; Wed, 13 Jul 2022 13:22:41 +0000 (UTC) Received: from [172.16.176.1] (unknown [10.22.48.8]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 57FB0492C3B; Wed, 13 Jul 2022 13:22:40 +0000 (UTC) From: "Benjamin Coddington" To: "Chuck Lever III" Cc: "Jeff Layton" , "Rick Macklem" , "Linux NFS Mailing List" , trondmy@hammerspace.com Subject: Re: [PATCH v2 00/15] RPC-with-TLS client side Date: Wed, 13 Jul 2022 09:22:39 -0400 Message-ID: <1FDB511A-646F-4E37-B95F-F83E1ED26796@redhat.com> In-Reply-To: References: <165452664596.1496.16204212908726904739.stgit@oracle-102.nfsv4.dev> MIME-Version: 1.0 Content-Type: text/plain X-Scanned-By: MIMEDefang 2.85 on 10.11.54.9 X-Spam-Status: No, score=-3.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW, SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org On 12 Jul 2022, at 20:51, Rick Macklem wrote: > As I already posted to Jeff, I can put the server up for > a day or two at any time anyone would like to test > against it. > > It now does TLS1.3 and I'll note the one thing the > server did that caught the FreeBSD client "off guard" > was it sends a couple of post handshake handshake > records. (The FreeBSD client now just tosses these away.) > > Just email if/when you'd like to test, rick Hey Chuck, is the bakeathon root or intermediate certificate published somewhere so we can add them to our trust stores? Ben