SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    RE: SRP vs PKI for authentication



    Ofer's provided part of the answer, in addition this is
    based in part on considerations for environments that
    are not prepared to invest heavily in security (so IPsec
    is not in use), but for which authentication is appropriate.
    SRP is considerably easier to set up and use than a PKI-based
    mechanism, and hence is the "MUST implement" to make
    good authentication easier to use in such environments
    in contrast to one of the SPKMs and the associated PKI
    and/or key generation and key management it requires.
    
    Thanks,
    --David
    
    ---------------------------------------------------
    David L. Black, Senior Technologist
    EMC Corporation, 42 South St., Hopkinton, MA  01748
    +1 (508) 435-1000 x75140     FAX: +1 (508) 497-8500
    black_david@emc.com       Mobile: +1 (978) 394-7754
    ---------------------------------------------------
    
    
    > -----Original Message-----
    > From: VAHUJA@aol.com [mailto:VAHUJA@aol.com]
    > Sent: Tuesday, November 13, 2001 7:13 PM
    > To: ips@ece.cmu.edu
    > Subject: SRP vs PKI for authentication
    > 
    > 
    > iSCSI draft 08 requires use of SRP for authentication, while 
    > for Fabric switch authentication, there are proposals in T11 
    > that use PKI. The iSNS also allows PKI for authentication. I 
    > have also seen some IP concerns raised recently about SRP...
    > 
    > So my question is - for iSCSI login-time authentication, are 
    > there compelling reasons for using SRP instead of PKI? 
    > 
    


Home

Last updated: Fri Nov 16 22:17:38 2001
7841 messages in chronological order