SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    Re: iSCSI: DH-CHAP resolution




    John,

    I read it as being about the MAY - unproven means it's time has not come yet.
    I hope we can close sometime next week. I plan to start the "countdown" to 13 during the weekend.

    Julo


    John Hufferd/San Jose/IBM@IBMUS
    Sent by: owner-ips@ece.cmu.edu

    05/07/2002 08:58 PM
    Please respond to John Hufferd

           
            To:        "Elizabeth G. Rodriguez" <Elizabeth.G.Rodriguez@123mail.net>
            cc:        <ips@ece.cmu.edu>
            Subject:        Re: iSCSI: DH-CHAP resolution

           



    Does this mean that DH-CHAP, is not to be even a MAY implement?  Or was
    your statement only about it being a MUST?

    .
    .
    .
    John L. Hufferd
    Senior Technical Staff Member (STSM)
    IBM/SSG San Jose Ca
    Main Office (408) 256-0403, Tie: 276-0403,  eFax: (408) 904-4688
    Home Office (408) 997-6136, Cell: (408) 499-9702
    Internet address: hufferd@us.ibm.com


    "Elizabeth G. Rodriguez" <Elizabeth.G.Rodriguez@123mail.net>@ece.cmu.edu on
    05/07/2002 11:30:28 AM

    Sent by:    owner-ips@ece.cmu.edu


    To:    <ips@ece.cmu.edu>
    cc:
    Subject:    iSCSI: DH-CHAP resolution





    All,



    As mentioned previously, the consensus call for DH-CHAP was very close.  As
    a result, Allision Mankin requested security expertise be consulted further
    prior to declaring consensus on the issue.

    The result is that security experts believe that DH-CHAP, while from the
    reading, DH-CHAP seems to be a worthy solutionbut, as many have stated both
    to me and the ADs privately as well as on the mailing list,

    it is unproven.  As such, the decision has been made to NOT include DH-CHAP
    as an authentication mechanism for iSCSI.



    Now, the next question will be how will this effect the mandatory to
    implement authentication mechanism decision.  The Transport ADs still have
    significant concerns about IPR issues as they relate to SRP as the
    mandatory to implement mechanism.  They also feel that (as has been
    expressed on the mailing list) we do not have concrete requirements listed
    for the authentication mechanism.  As such, Allison is in the process of
    calling a meeting between the Security and Transport ADs. This will likely
    occur some time late this week.



    I realize that everyone is anxious to close on this issue.  I assure you it
    is being worked, and that the delay is related to making sure that iSCSI
    has the best chance of success, both in the IETF review process as well as
    the corporate environment.



    Thanks,



    Elizabeth Rodriguez

    IPS co-chair











Home

Last updated: Wed May 08 19:18:33 2002
10015 messages in chronological order