    FW: Redirection (was UNH Plugfest 5)



    Forwarding an off-list note on this topic - a SHOULD is useful
    here to express a preference for which redirection mechanism
    to use in the presence of authentication.  I prefer the SHOULD
    for redirection after authentication because rogue target attacks
    are more dangerous to iSCSI than rogue initiator attacks because
    the initiator authenticates first when using CHAP.  Redirection
    prior to authentication makes it easier to mount a rogue target
    attack.
    
    Thanks,
    --David
    
    -----Original Message-----
    From: Paul Koning [mailto:pkoning@equallogic.com]
    Sent: Thursday, January 16, 2003 3:57 PM
    To: Black_David@emc.com
    Cc: Julian_Satran@il.ibm.com
    Subject: RE: Redirection (was UNH Plugfest 5)
    
    
    >>>>> "Black" == Black David <Black_David@emc.com> writes:
    
     Black> The most I could see doing here would be: - In the absence of
     Black> explicit administrative action, - If a target is contacted by
     Black> an Initiator requesting SecurityNegotiation, - And the target
     Black> would issue a redirect to that Initiator based on the target
     Black> name the initiator is trying to contact, - Then the target
     Black> SHOULD negotiate security before issuing the redirect.
    
    My preference is to swing the SHOULD in the other direction, because
    there is no security issue in doing so.  (In other words, if the
    initiator requests security negotiation and the target replies with a
    redirect, the initiator SHOULD accept that redirect as valid without a
    full security negotiation.)  But your proposal still serves to
    strengthen the spec.
    
    	   paul
    


Last updated: Fri Jan 17 06:19:01 2003