|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: More on iSCSI boot> -even if we would like to standardize a "primary" or "minimal" boot we have > no good understanding (experience) > of how this will interact with the iSCSI security mechanisms. > Agree with this. But I think the lesson is (as David mentioned) that you need a (perhaps non-mandatory) security method that can be executed in the boot rom. Personally, I'm not that convinced that boot image signing as presently conceived is all that useful anyway, since it isn't widely deployed and there's no way to revoke the signature of a bad boot image (e.g. no certificate chain support).
Home Last updated: Tue Sep 04 01:04:35 2001 6315 messages in chronological order |