iSCSI requirements drafts

To: ips@ece.cmu.edu
Subject: iSCSI requirements drafts
From: biran@il.ibm.com
Date: Tue, 3 Apr 2001 13:09:58 +0300
Content-Disposition: inline
Content-type: text/plain; charset=us-ascii
Sender: owner-ips@ece.cmu.edu



Just two comments on the Security Considerations:

The iSCSI draft states that
"iSCSI implementations MUST provide means of
protection against active attacks (pretending as another
identity, message insertion, deletion, and modification)".
This might be reflected in a MUST statement in section 6.3
(which I would rename to "Data Integrity and Authentication ")

Also - I would rename the "CRC" occurrences in the MAY/MUST
statements on the beginning of 6.3 to "digest", as digests with
real security value may be negotiated (this is one method of
providing the above MUST).  CRC is one type of digest (that
doesn't provide security value, just error detection).

  Regards,
     Ofer


Ofer Biran
Storage and Systems Technology
IBM Research Lab in Haifa
biran@il.ibm.com  972-4-8296253

Prev by Date: RE: iSCSI ERT: data SACK/replay buffer/"semi-transport"
Next by Date: RE: iSCSI: frame formats
Prev by thread: iSCSI requirements drafts
Next by thread: Public key AuthMethod
Index(es):
- Date
- Thread

Home

Last updated: Tue Sep 04 01:05:11 2001
6315 messages in chronological order