RE: iSCSI Security rough consensus

To: someshg@yahoo.com, ips@ece.cmu.edu
Subject: RE: iSCSI Security rough consensus
From: Black_David@emc.com
Date: Fri, 4 May 2001 15:23:12 -0400
Content-Type: text/plain
Sender: owner-ips@ece.cmu.edu

> Sure would be nice if we could make up our minds and just
>  implement one mechanism.
>
>   Here we have two mechanisms (iSCSI header/data integrity
>   and ESP) which are both mandatory to implement and 
>   optional to use. Since ESP seems like a superset why not
>   just have that and get rid of the "integrity only" iSCSI
>   CRC mechanism.

It sure would be nice, and in fact we had almost
exactly this discussion later in the evening as
part of the error recovery section of the agenda.
The fly in the ointment is that the HMAC integrity
algorithm that is at the core of ESP's integrity
support is considerably more expensive (software
or hardware) than a CRC, and this isn't likely
to improve as I understand things.  I would expect
to see implementations with ESP completely in
software and visible performance impacts.

I really need to get the meeting minutes written up :-).

Thanks,
--David

---------------------------------------------------
David L. Black, Senior Technologist
EMC Corporation, 42 South St., Hopkinton, MA  01748
+1 (508) 435-1000 x75140     FAX: +1 (508) 497-8500
black_david@emc.com       Mobile: +1 (978) 394-7754
---------------------------------------------------

Follow-Ups:
- Re: iSCSI Security rough consensus
  - From: Mark Bakke <mbakke@cisco.com>

Prev by Date: RE: iSCSI Security rough consensus
Next by Date: RE: iSCSI Security rough consensus
Prev by thread: RE: iSCSI Security rough consensus
Next by thread: Re: iSCSI Security rough consensus
Index(es):
- Date
- Thread

Home

Last updated: Tue Sep 04 01:04:47 2001
6315 messages in chronological order