iSCSI: 7.2.1 CHAP Considerations (12-98)

To: ietf-ips <ips@ece.cmu.edu>
Subject: iSCSI: 7.2.1 CHAP Considerations (12-98)
From: Steve Senum <ssenum@cisco.com>
Date: Wed, 12 Jun 2002 13:32:58 -0500
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=us-ascii
Sender: owner-ips@ece.cmu.edu

I have a concern over the wording of the
following text from section 7.2.1 (12-98 version):

    When CHAP is used with secret shorter than 96 bits,
    a compliant implementation MUST NOT continue with
    the login unless it can verify that IPsec encryption
    is being used to protect the connection.

I know the above is attempt to "put some teeth" into
the requirements to make the use of CHAP secure,
but I believe there are common cases where the
length of the CHAP secret cannot be verified, such
as when a RADIUS server is being used.

Regards,
Steve Senum

Prev by Date: RE: iSCSI: CRC description
Next by Date: Re: iSCSI-Asynch event code
Prev by thread: RE: iSCSI: CRC description
Next by thread: Re: iSCSI: 7.2.1 CHAP Considerations (12-98)
Index(es):
- Date
- Thread

Home

Last updated: Wed Jun 12 16:18:41 2002
10712 messages in chronological order