Re: Security -13 draft

To: philmac@research.bell-labs.com
Subject: Re: Security -13 draft
From: "Bernard Aboba" <bernard_aboba@hotmail.com>
Date: Fri, 07 Jun 2002 09:59:34 -0700
Cc: ips@ece.cmu.edu
Content-Type: text/plain; format=flowed
Sender: owner-ips@ece.cmu.edu

Good points. I will work on consolidating the iSCSI authentication text, and 
adding mention of CHAP to section 5.8.3.


>From: Philip MacKenzie <philmac@research.bell-labs.com>
>To: Bernard Aboba <bernard_aboba@hotmail.com>
>CC: ips@ece.cmu.edu
>Subject: Re: Security -13 draft
>Date: Wed, 05 Jun 2002 13:36:24 -0400
>
> > A -13 version of the security draft is available for your examination 
>at:
> >
> > http://www.drizzle.com/~aboba/IPS/draft-ietf-ips-security-13.txt
> >
> > Since this is potentially the version that will go to WG last call, a
>careful reading is encouraged.
>
>
>This seemed odd to me:
>
>SRP is given what seems like an offhand comment in
>section 5.8.3, which seems totally incongruous to the
>laborious SRP implementation details given in
>section 5.10 and Appendix A.
>
>Why all the details for something that's just mentioned
>in passing as an alternative authentication method?
>Also, why in section 5.8.3 is CHAP not mentioned, given
>that it is the MUST implement method?
>
>-Phil
>




_________________________________________________________________
Chat with friends online, try MSN Messenger: http://messenger.msn.com

Prev by Date: Re: iSCSI: ordered command delivery at the target
Next by Date: Re: iSCSI: CHAP Question
Prev by thread: Re: Security -13 draft
Next by thread: IPS schedule for Yokohama
Index(es):
- Date
- Thread

Home

Last updated: Fri Jun 07 13:18:45 2002
10581 messages in chronological order