|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: iSCSI Security rough consensus> I think this is a case of yet another group of people > looking at IKE and developing indigestion. I would > support Bernard's comment above that this ought to be > done once in a general fashion that's useful to other > applications provided that it can actually get done > without pulling back in most of IKE's functionality > as "nice to have" -- that's "son of IKE"'s job :-). > Judging by behavior, the symptoms of "IKE indigestion" seem to be spreading. These include both a yearning for a replacement to IKE (e.g. KINK, SRP, etc.) as well as desires for additions/changes to IKE, primarily to support legacy authentication (XAUTH, CRACK, Hybrid). Originally, the symptoms were confined to the IPSRA WG, but now they have appeared in IPS WG. If this is a true epidemic, I'd expect the emergency rooms to start filling up around now. Unfortunately, "son of IKE" is not really going to be a more functional IKE, but a "better written IKE specification with some of the unused stuff taken out." So in terms of functionality ommissions, the "son" will inherent the sins of the father.
Home Last updated: Tue Sep 04 01:04:46 2001 6315 messages in chronological order |