|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: iSCSI:SRPI don't see your reasoning here David, please explain. As Mallikarjun says, it's up to this WG to decide what the authentication reqmts are for iSCSI and choose a protocol. Why would the IESG second guess that? If that's the case, perhaps there's an unknown, unbounded list of authentication protocols that we haven't considered that the IESG will make us go back and consider? It's my understanding that DH-strenghthened CHAP is only "proposed", not currently standard (not even a draft)? So I can't believe the IESG will make us go consider requiring a draft in our proposed standard, that's against their own stated rules? I agree with John. Marjorie Krueger Networked Storage Architecture Networked Storage Solutions Org. Hewlett-Packard tel: +1 916 785 2656 fax: +1 916 785 0391 email: marjorie_krueger@hp.com > -----Original Message----- > From: Black_David@emc.com [mailto:Black_David@emc.com] > Sent: Monday, April 01, 2002 7:55 AM > To: hufferd@us.ibm.com; ips@ece.cmu.edu > Subject: RE: iSCSI:SRP > > > John, > > Unfortunately, this is an attempt to "close the barn door > after the horses have escaped". Sending iSCSI to the IESG > with a "MUST implement" for SRP, but without WG analysis of > the CHAP and DH-strengthened CHAP mechanisms as alternatives > for the "MUST implement" will likely result in the IESG returning > the iSCSI draft to the WG some number of months later with > instructions to do the analysis. I believe the WG should > do this analysis right to avoid having to do it over ... > > Sorry, > --David > > > -----Original Message----- > > From: John Hufferd [mailto:hufferd@us.ibm.com] > > Sent: Saturday, March 30, 2002 5:44 PM > > To: ips@ece.cmu.edu > > Subject: iSCSI:SRP > > > > > > Folks, > > With the new statement from Lucent, we are now back to the > > point were we > > were previously when we agreed to make SRP Must implement. > > > > I propose that we go to the position we had before all this > > flap developed > > about patent statement, and declare SRP MUST implement (as we > > did before), > > and get that out of the way of our last call. > > > > The code is available from Stanford's web site, and the > > Patent issue is now > > just like others within the IETF. > > > > I know there are some folks that are attempting to wrap > > additional security > > around Chap, and that may be a good thing -- but we do not > > need to hold up > > Last call as folks check out other options. Remember, it is > > always the > > quickly produced "fixes" at the last moment, that have a > > higher probability > > of having a problem. > > > > Again, lets make SRP Must implement, and Chap at least May > implement, > > declare the proposed additional Chap security as May > > Implement, and move > > on. > > > > . > > . > > . > > John L. Hufferd > > Senior Technical Staff Member (STSM) > > IBM/SSG San Jose Ca > > Main Office (408) 256-0403, Tie: 276-0403, eFax: (408) 904-4688 > > Home Office (408) 997-6136, Cell: (408) 499-9702 > > Internet address: hufferd@us.ibm.com > > >
Home Last updated: Wed Apr 03 10:18:17 2002 9442 messages in chronological order |