RE: iSCSI: Security Enviornments

[Black_David@emc.com]

> Consider aspects of management.  If the SCSI controller responds to client
> with lists of accessible devices, how is the SCSI controller informed?
How
> is access managed in a uniform manner?

I'd recommend not discussing security of management right now beyond that
necessary to ensure that iSCSI identities and authentication work as
intended/
required.  Significant pieces of this are also outside the scope of the
working group, for example, how a target gets the information required
to respond to a REPORT LUNS command is in T10's space, not the ips WG,
and the same is true of SCSI-level access controls.

Beyond that, a properly configured TLS should be adequately secure
for a SAN.  Doug's opinion that privacy should not be mandatory to
implement is hereby officially noted (i.e., he can stop repeatedly
reminding us of it), and I would point out that this was also
the rough consensus at the WG meeting in Pittsburgh, which I believe
remains the rough consensus of the WG.

--David
---------------------------------------------------
David L. Black, Senior Technologist
EMC Corporation, 42 South St., Hopkinton, MA  01748
+1 (508) 435-1000 x75140     FAX: +1 (508) 497-8500
black_david@emc.com       Mobile: +1 (978) 394-7754
---------------------------------------------------