|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: iSCSI: Security Enviornments> Consider aspects of management. If the SCSI controller responds to client > with lists of accessible devices, how is the SCSI controller informed? How > is access managed in a uniform manner? I'd recommend not discussing security of management right now beyond that necessary to ensure that iSCSI identities and authentication work as intended/ required. Significant pieces of this are also outside the scope of the working group, for example, how a target gets the information required to respond to a REPORT LUNS command is in T10's space, not the ips WG, and the same is true of SCSI-level access controls. Beyond that, a properly configured TLS should be adequately secure for a SAN. Doug's opinion that privacy should not be mandatory to implement is hereby officially noted (i.e., he can stop repeatedly reminding us of it), and I would point out that this was also the rough consensus at the WG meeting in Pittsburgh, which I believe remains the rough consensus of the WG. --David --------------------------------------------------- David L. Black, Senior Technologist EMC Corporation, 42 South St., Hopkinton, MA 01748 +1 (508) 435-1000 x75140 FAX: +1 (508) 497-8500 black_david@emc.com Mobile: +1 (978) 394-7754 ---------------------------------------------------
Home Last updated: Tue Sep 04 01:05:31 2001 6315 messages in chronological order |