|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: SRP vs PKI for authenticationOfer's provided part of the answer, in addition this is based in part on considerations for environments that are not prepared to invest heavily in security (so IPsec is not in use), but for which authentication is appropriate. SRP is considerably easier to set up and use than a PKI-based mechanism, and hence is the "MUST implement" to make good authentication easier to use in such environments in contrast to one of the SPKMs and the associated PKI and/or key generation and key management it requires. Thanks, --David --------------------------------------------------- David L. Black, Senior Technologist EMC Corporation, 42 South St., Hopkinton, MA 01748 +1 (508) 435-1000 x75140 FAX: +1 (508) 497-8500 black_david@emc.com Mobile: +1 (978) 394-7754 --------------------------------------------------- > -----Original Message----- > From: VAHUJA@aol.com [mailto:VAHUJA@aol.com] > Sent: Tuesday, November 13, 2001 7:13 PM > To: ips@ece.cmu.edu > Subject: SRP vs PKI for authentication > > > iSCSI draft 08 requires use of SRP for authentication, while > for Fabric switch authentication, there are proposals in T11 > that use PKI. The iSNS also allows PKI for authentication. I > have also seen some IP concerns raised recently about SRP... > > So my question is - for iSCSI login-time authentication, are > there compelling reasons for using SRP instead of PKI? >
Home Last updated: Fri Nov 16 22:17:38 2001 7841 messages in chronological order |