SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    RE: iSCSI:SRP



    I don't see your reasoning here David, please explain.  As Mallikarjun says,
    it's up to this WG to decide what the authentication reqmts are for iSCSI
    and choose a protocol.  Why would the IESG second guess that?  If that's the
    case, perhaps there's an unknown, unbounded list of authentication protocols
    that we haven't considered that the IESG will make us go back and consider?
    It's my understanding that DH-strenghthened CHAP is only "proposed", not
    currently standard (not even a draft)?  So I can't believe the IESG will
    make us go consider requiring a draft in our proposed standard, that's
    against their own stated rules?
    
    I agree with John.
    
    Marjorie Krueger
    Networked Storage Architecture
    Networked Storage Solutions Org.
    Hewlett-Packard
    tel: +1 916 785 2656
    fax: +1 916 785 0391
    email: marjorie_krueger@hp.com 
    
    > -----Original Message-----
    > From: Black_David@emc.com [mailto:Black_David@emc.com]
    > Sent: Monday, April 01, 2002 7:55 AM
    > To: hufferd@us.ibm.com; ips@ece.cmu.edu
    > Subject: RE: iSCSI:SRP
    > 
    > 
    > John,
    > 
    > Unfortunately, this is an attempt to "close the barn door
    > after the horses have escaped".  Sending iSCSI to the IESG
    > with a "MUST implement" for SRP, but without WG analysis of
    > the CHAP and DH-strengthened CHAP mechanisms as alternatives
    > for the "MUST implement" will likely result in the IESG returning
    > the iSCSI draft to the WG some number of months later with
    > instructions to do the analysis.  I believe the WG should
    > do this analysis right to avoid having to do it over ...
    > 
    > Sorry,
    > --David
    > 
    > > -----Original Message-----
    > > From: John Hufferd [mailto:hufferd@us.ibm.com]
    > > Sent: Saturday, March 30, 2002 5:44 PM
    > > To: ips@ece.cmu.edu
    > > Subject: iSCSI:SRP
    > > 
    > > 
    > > Folks,
    > > With the new statement from Lucent, we are now back to the 
    > > point were we
    > > were previously when we agreed to make SRP Must implement.
    > > 
    > > I propose that we go to the position we had before all this 
    > > flap developed
    > > about patent statement, and declare SRP MUST implement (as we 
    > > did before),
    > > and get that out of the way of our last call.
    > > 
    > > The code is available from Stanford's web site, and the 
    > > Patent issue is now
    > > just like others within the IETF.
    > > 
    > > I know there are some folks that are attempting to wrap 
    > > additional security
    > > around Chap, and that may be a good thing -- but we do not 
    > > need to hold up
    > > Last call as folks check out other options.  Remember, it is 
    > > always the
    > > quickly produced "fixes" at the last moment, that have a 
    > > higher probability
    > > of having a problem.
    > > 
    > > Again, lets make SRP Must implement, and Chap at least May 
    > implement,
    > > declare the proposed additional Chap security as May 
    > > Implement, and move
    > > on.
    > > 
    > > .
    > > .
    > > .
    > > John L. Hufferd
    > > Senior Technical Staff Member (STSM)
    > > IBM/SSG San Jose Ca
    > > Main Office (408) 256-0403, Tie: 276-0403,  eFax: (408) 904-4688
    > > Home Office (408) 997-6136, Cell: (408) 499-9702
    > > Internet address: hufferd@us.ibm.com
    > > 
    > 
    


Home

Last updated: Wed Apr 03 10:18:17 2002
9442 messages in chronological order