SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    RE: Security Use Requirements



    > > 	It isn't enough to just point to existing security mechanisms and
    > > 	say "use these".  It's necessary to say how to use them with
    > > 	the protocol and what other assumptions must be true in order
    > > 	to achieve the desired security properties - some of these
    > > 	assumptions will be requirements on other components/protocols
    > > 	in the environment.
    > 
    > Thanks, and the point I'm trying to make is that iSCSI and IPSec/IKE can
    > pretty much work independently, with no compromise to security.  Having
    > IPSec and/or IKE become involved in iSCSI (or vice-versa) will increase
    > complexity while adding little additional value.
    
    I think Josh and I are in violent agreement on this.  In particular, I don't
    see
    any need to put WWUIs into IPSec/IKE or X.509 certificates.  Mechanisms
    like iSNS can handle the mapping between the various sort of identities,
    provided that iSNS is suitably secure.
    
    OTOH, there's a lot of work needed on the security text in the current
    iSCSI draft -- for example, Josh describes certificates and iSNS as being
    able to prevent certain attacks on key distribution, but the current iSCSI
    draft is basically silent on both subjects, and in particular does not
    describe how one party in an iSCSI authentication interaction gets
    its hands on the other's certificate to check it (which is generally
    a good thing to be able to do when certificates are used).
    
    The specific answer to:
    
    > The point is that IPSec provides the PER PACKET data
    > integrity/authentication and if desired, encryption.  The iSCSI login
    > process provides authentication AND authorization of the communicating
    > entities.  What more do you need?
    
    is that it's necessary to ensure that there isn't a gap between iSCSI
    authentication and IPSec authentication/integrity/confidentiality that
    would allow the communication to be attacked without breaking IPSec.
    
    Thanks,
    --David
    
    ---------------------------------------------------
    David L. Black, Senior Technologist
    EMC Corporation, 42 South St., Hopkinton, MA  01748
    +1 (508) 435-1000 x75140     FAX: +1 (508) 497-8500
    black_david@emc.com       Mobile: +1 (978) 394-7754
    ---------------------------------------------------
    
    


Home

Last updated: Tue Sep 04 01:05:33 2001
6315 messages in chronological order