|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: More on iSCSI boot> I would be surprised if it insisted that > the ips WG take on the task of building a better DHCP. > Agree. Boot security in general is not the problem of the IPS WG. However, I do think that the WG should think through the implications of iSCSI security on the potential for a secure boot process. For example, are we assuming that it would be impossible to implement iSCSI security during boot? Also, I'd note that between BIS and authenticated DHCP we already are pushing the limits of credential storage and administrative complexity. It's not entirely clear to me that this passes the "laugh test" - particularly when the need to secure other components (NFS, iSCSI, etc.) is added to the mix. If that's true then even a "better DHCP" (e.g. authenticated DHCP) may not be the right answer.
Home Last updated: Tue Sep 04 01:04:35 2001 6315 messages in chronological order |