
    Re: UNH Plugfest 5




    Paul,

    The aim of the standard is to create interoperable protocols not administrators.
    An administrator may cause initiators and target NOT TO interoperate in a myriad of ways.

    The basic assumption for the whole security setup is that the administrator will set them
    so that they can interoperate and the standard setter provides him with the means to do so.

    Your assumption that initiators and target should be able to interoperate regardless of their administrative entities
    is not what standards do.


    Julo


    From: Paul Koning <pkoning@equallogic.com>
    Date: 15/01/03 18:10
    To: Julian Satran/Haifa/IBM@IBMIL
    cc: ips@ece.cmu.edu, owner-ips@ece.cmu.edu
    Subject: Re: UNH Plugfest 5





    >>>>> "Julian" == Julian Satran <Julian_Satran@il.ibm.com> writes:

    Julian> Paul, Initiators are required to implement authentication but
    Julian> may use none. If the administrator insists that
    Julian> authentication must be used with redirectors too the same
    Julian> administrator will have to take care that the redirectors
    Julian> have the required authentication.

    Julian> The standard does not have to say anything about it.

    Julian> We can't take the position of weakening always the security
    Julian> of the redirector nor one of requiring everybody to follow a
    Julian> stricter authentication.

    Do we want interoperability or don't we?  My view of standards is that
    they exist for the purpose of producing interoperability.

    What you describe creates interop failures.  If the initiator wants to
    require authentication before redirect, that will fail unless the
    target supports that, but there's nothing in the standard requiring
    the target to do so.  So I have conforming implementations that can't
    talk to each other.  That's not a good idea.

    Why do you say "weakening...the security of the redirector"?  I don't
    see any security issue in sending the redirect before completing the
    authentication.  Bob Russell explained that in his original note.

    If there were a security problem, I'd be the first to argue for
    requiring the authentication to be completed first.  But since there
    is none, why require it?  And if it's not required, why allow for
    configurations that break?

          paul




Last updated: Wed Jan 15 13:19:02 2003