|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: iSCSI extension algorithms (was no subject)> > And to head off the next question, if the advocates of X-com.bar.foo > > authentication want to get out from under the requirement in the > > previous paragraph, they make the effort to have the IETF standardize > > that authentication method. If that succeeds, and the algorithm is > > assigned something other than an X- key, none of this discussion > > applies to it at that point. > > Wouldn't those advocates also have to also make it a MUST? > > Because as long as the algorithm in question isn't a MUST, we have this > issue. The case you describe above for an X- method also applies for a > device that only ships with Kerberos, SRP, or one of the public key > methods; since those methods are optional, we have the exact same > interop-by-default issue. No, because the interop-by-default issue, and all of the text we're discussing applies *only* to non-standard extension algorithms. This issue is part of a larger IESG "hot button" on prohibition of mandatory vendor-specific extensions, hence getting a vendor-specific extension standardized, even if it's a MAY, is enough to get it out from under this set of requirements (as there's now a publicly available spec on how to implement it). Thanks, --David ---------------------------------------------------- David L. Black, Senior Technologist EMC Corporation, 176 South St., Hopkinton, MA 01748 +1 (508) 293-7953 FAX: +1 (508) 293-7786 black_david@emc.com Mobile: +1 (978) 394-7754 ----------------------------------------------------
Home Last updated: Thu Jan 16 20:19:05 2003 12202 messages in chronological order |