|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: iSCSI: Security Enviornments> Thank you for the information. You have made it clear you view iSNS is to > be the source of authorization. I fail to understand what limitation exists > using LDAP directly versus this rehash of DNS and LDAP, but you should > understand the importance of asking such dumb questions. iSNS is by no means the only possible source of this sort of information. If someone wants to use LDAP, they should write up and submit a draft on how to use it. > security management must be able to > endure device failure. This implies security is placed safely somewhere > which contains both authentication and authorization information. The implication is incorrect. The ability to run the security management application on more than one host to manage access control lists in persistent storage on the device is a counterexample. Most access control lists are stored at the point of access rather than obtained from an external source. I think it's up to the WG to decide whether to store authorization information at the target vs. obtaining it externally. --David --------------------------------------------------- David L. Black, Senior Technologist EMC Corporation, 42 South St., Hopkinton, MA 01748 +1 (508) 435-1000 x75140 FAX: +1 (508) 497-8500 black_david@emc.com Mobile: +1 (978) 394-7754 ---------------------------------------------------
Home Last updated: Tue Sep 04 01:05:31 2001 6315 messages in chronological order |