SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    iSCSI: DH-CHAP resolution



    All,

     

    As mentioned previously, the consensus call for DH-CHAP was very close.  As a result, Allision Mankin requested security expertise be consulted further prior to declaring consensus on the issue.

    The result is that security experts believe that DH-CHAP, while from the reading, DH-CHAP seems to be a worthy solution but, as many have stated both to me and the ADs privately as well as on the mailing list,

    it is unproven.  As such, the decision has been made to NOT include DH-CHAP as an authentication mechanism for iSCSI.

     

    Now, the next question will be how will this effect the mandatory to implement authentication mechanism decision.  The Transport ADs still have significant concerns about IPR issues as they relate to SRP as the mandatory to implement mechanism.  They also feel that (as has been expressed on the mailing list) we do not have concrete requirements listed for the authentication mechanism.  As such, Allison is in the process of calling a meeting between the Security and Transport ADs. This will likely occur some time late this week.

     

    I realize that everyone is anxious to close on this issue.  I assure you it is being worked, and that the delay is related to making sure that iSCSI has the best chance of success, both in the IETF review process as well as the corporate environment.

     

    Thanks,

     

    Elizabeth Rodriguez

    IPS co-chair

     

     



Home

Last updated: Thu May 09 18:18:27 2002
10034 messages in chronological order