|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: iSCSI: New Lucent stmt on SRPDavid, > At 01:58 PM 3/29/02 -0500, Black_David@emc.com wrote: > >Not completely, but it helps. ... > > David, can you elaborate on how it helps, what is missing, etc.? This would be simpler if both Lucent and Phoenix had Stanford- like licenses (no money changes hands) covering the patents in question. That does not appear to be possible for reasons that are probably not productive to discuss here, but it does create the next item, which is the task now facing the WG ... > >... The IESG is now requesting > >that the WG consider use of a version of CHAP strengthened > >by an anonymous Diffie-Hellman key exchange as an alternative > >to SRP. ... > > I'm not sure what "alternative" means in this context. An alternative > "option" in addition to something like SRP would achieve the > goal of guaranteed free interoperability. Or has the IESG suggested > "replacement", which is something else entirely? Read "alternative" as "alternative candidate for the 'MUST implement' authentication mechanism". Even before Lucent's new letter, there were no problems with SRP as a 'MAY implement' mechanism. I apologize for not stating this clearly. > >Ted Ts'o has done us the favor of posting many of the issues > >that the IESG expects the WG to consider in his post from > >this past Wednesday: > >http://www.pdl.cmu.edu/mailinglists/ips/mail/msg09358.html > > Have these IESG requests to the WG and expectations of the WG > been formally posted directly to the list? It would be nice to > know what the other issues are too, that weren't included in > Ted's post. I don't believe there are any other issues, and my post to the list is my understanding of the concerns - this falls into the general area of "informal guidance from the ADs". If something formal is desired, it will take much longer. Ted's post just happens to cover the issues that the ADs care about; a solid response to the issues he's raised should be sufficient on technical grounds. > >I would hope that a strawman design for this mechanism > >could be posted in the next week, and apologize for the > >delay ... I'm afraid that all attempts to clone me have > >failed, and I need to ensure that some real cryptographers > >check the resulting design before it is posted ;-). > > As legitimate review is an open process, I assume your wink > means that the secret initial checking by "real cryptographers" > is just a necessary first step. Ted's post has stimulated an > initial thread of security discussion, which can continue > after the design is posted. That's correct. I want to make sure the proposal is cryptographically sound before asking the WG to spend time analyzing other aspects. Thanks, --David --------------------------------------------------- David L. Black, Senior Technologist EMC Corporation, 42 South St., Hopkinton, MA 01748 +1 (508) 249-6449 *NEW* FAX: +1 (508) 497-8500 black_david@emc.com Cell: +1 (978) 394-7754 ---------------------------------------------------
Home Last updated: Mon Apr 01 14:18:17 2002 9415 messages in chronological order |