SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    Re: iSCSI: SRP vs DH-CHAP



    >- A procedural question in this regard is the seeming lack of
    >    documented requirements for the authentication mechanism.  I
    >    don't really see a list of requirements stated in the security draft,
    >    even though there's general text that discusses some issues.  (BTW,
    >    the iSCSI requirements draft (rightly) does not go to the depth >    
    >we're seeking here). I am equally to blame for this, but I was    under the 
    >impression that we had a list of *documented*
    >    requirements to evaluate candidates - and we chose SRP.  I was    
    >somewhat surprised to see that we now seem to be    defining/weakening 
    >requirements afresh in some of the recent email >    threads I had seen.  I 
    >admit that I am not
    >    a security expert, but I am personally not _yet_ clear on the
    >    requirements....
    >--
    >Mallikarjun
    
    Since we seem to be in "blame sharing mode" here, I'll take some for myself. 
    The security draft doesn't talk about requirements for iSCSI authentication, 
    on the (mistaken) assumption that this was provided within the iSCSI 
    requirements document. However, there is no such guidance provided there. So 
    if we are to make a choice, there needs to be some requirements language 
    describing the relevant considerations. That's how the discussion got 
    started. If someone can provide a pointer to an earlier discussion that 
    settled this issue, that would save some time.
    
    _________________________________________________________________
    Send and receive Hotmail on your mobile device: http://mobile.msn.com
    
    


Home

Last updated: Fri Apr 05 15:18:25 2002
9529 messages in chronological order