|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: iSCSI and IPSec> Though you are correct, the way you state it is as if Tunnel mode is some > how easier to implement then Transport mode, or as if Encryption is not > needed to be implemented. Now I am sure you did not mean that, so perhaps > I should restate you answer as follows: > * IPsec is a MUST be implemented: That is Data Integrity and Authentication > Must be implemented > > * IPsec is also a MUST implement Confidentiality (encryption). > > * All of the above MUST be implemented in Tunnel Mode, and If the IPsec > implementation of an iSCSI initiator or target conforms to the [RFC2401] > definition of a host, then to comply with section 4.1 of [RFC2401] it MUST > also implement the above in Transport mode. That was the case before the March meeting in Minneapolis. The current situation is the Tunnel Mode MUST be implemented, Transport Mode is OPTIONAL, and there is no need to consult the [RFC2401] definition of a host to figure this out. Thanks, --David --------------------------------------------------- David L. Black, Senior Technologist EMC Corporation, 42 South St., Hopkinton, MA 01748 +1 (508) 249-6449 *NEW* FAX: +1 (508) 497-8500 black_david@emc.com Cell: +1 (978) 394-7754 ---------------------------------------------------
Home Last updated: Fri May 10 12:18:28 2002 10053 messages in chronological order |