
    Re: iSCSI: DH-CHAP



    David,
    
    I respectfully request that my name be removed from the acknowledgements
    section of <draft-black-ips-iscsi-dhchap-00.txt>, as it might otherwise
    lead people to mistakenly believe that I was a willing and active participant
    in the design effort.
    
    I am strongly opposed to designing a cryptographic authentication
    protocol with the deliberate goal to be vulnerable to active attack.
    
    For the record, I responded to an unsolicited draft that was forwarded
    to me in a private email, along with other comments, by one of the
    participants in this design process that was otherwise closed-to-me.
    My reply, out of courtesy to that participant, was exactly this:
    
    >Your comments were good, and I'd say that the draft looks to
    >be in good enough shape for the purposes of IPS discussion,
    >except to note that "passwords" are never mentioned.
    >
    >If serious cryptographic review were necessary, then I think a lot of
    >people would argue the point that the draft is necessarily
    >out of scope for IPS consideration today anyway.
    
    Apparently, those comments resulted in a draft that includes discussion
    about passwords.  However, evidence of serious cryptographic review
    remains to be seen, and seems problematic in light of the technical
    design goals.  In light of this, the motivation for this work, and my
    earlier public comments regarding closed vs. open design process,
    I hope you'll understand why I prefer to not have my name associated
    with this effort.  Thanks.
    
    Best regards,
    
    David Jablon
    
    
    At 12:20 PM 4/10/02 -0600, Elizabeth G. Rodriguez wrote:
    
    >All,
    >
    >Please expect another email, from the Transport ADs, on the topic of
    >SRP and intellectual property issues.
    ...
    
    >Mentioned in Minneapolis was the possibility of CHAP enhanced by use of a
    >Diffie-Hellman Exchange.  David Black has authored an individual draft on
    >this topic.  The DH-CHAP draft, draft-black-ips-iscsi-dhchap-00.txt has been
    >submitted to the I-D servers and is also available at
    ><http://www.ultranet.com/~dlb237/ips/draft-black-ips-iscsi-dhchap-00.txt>.
    >
    >The draft is an individual submission that the IPS WG is free to
    >(quoting from the draft abstract) "adopt, modify, reject, fold,
    >spindle, and/or mutilate as it sees fit".  Since David Black will be
    >participating in the resulting discussion as an individual and author
    >of the draft, and not as a WG co-chair, I will be the WG chair
    >responsible for this draft and for determining WG rough consensus
    >on this set of issues.
    ...
    
    >From dhchap-00.txt:
    > Acknowledgements 
    >  
    >    A combination of Diffie-Hellman with CHAP was originally suggested 
    >    by Steve Bellovin.  The augmentation approach of concatenating the 
    >    DH key to the CHAP challenge was suggested by Uri Blumenthal.  
    >    Steve Senum contributed the text on EAP in Section 7.1 and its 
    >    subsections.  Improvements have resulted from comments on earlier 
    >    versions of the draft by a number of people, including Ofer Biran, 
    >    Steve Senum, Mark Bakke, and David Jablon.  Comments on this topic 
    >    from the IPS WG mailing list have been incorporated in various 
    >    places. 
    
    

    • References:
      • iSCSI: DH-CHAP
        • From: "Elizabeth G. Rodriguez" <Elizabeth.G.Rodriguez@123mail.net>


Last updated: Thu Apr 11 12:18:26 2002