|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: iSCSI over TLSPeter, A very good point. I am not sure if the TOE vendors have plans of implementing IPSec and/or TLS. But allowing TLS as another mechanism is also going to increase the complexity on the TOE side. The more logic that is applied to the TOE the more expensive and difficult it is going to get. The TOE vendors take over the packet processing at layer 4 and hence is already fairly restrictive scale-wise. Adding TLS will make it more difficult. However, a good mix of TLS on software and a synergistic TOE can make a good combination. Hence I like the idea. I am not sure if any TOE vendors have any comment of this ??? SG *********** REPLY SEPARATOR *********** On 11/6/2001 at 4:15 PM Peter Mellquist wrote: >I am aware that the ips group is leaning toward IPSEC as for the security >solution but I am interested if anyone is also considering using Transport >Layer Security (TLS)? > >I am concerned that the requirement for IPSEC might make TOEs more complex >than they need to be. Can TLS be optionally used as well as defined by the >specification? This could allow TOE vendors to only be concerned with >providing normal IPv4 / ipv6 and leave the security to a higher layer. A >TLS >stack sitting above the TOE could then handle security very well. Also, I >anticipate that the first generation of TOEs will not support IPSEC. With a >iSCSI/TLS we could enable security solutions with the first generation of >TOEs and get speed and security. > >Are any TOE vendors planning to support IPSEC? > >Can TLS or IPSEC be supported? > >-peter > > > >Peter Mellquist >Seven Systems Technologies >575 Menlo Drive Suite 2 >Rocklin CA >916-577-1275 >peterm@seven-systems.com
Home Last updated: Thu Nov 08 15:17:37 2001 7655 messages in chronological order |