SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    RE: iSCSI extension algorithms (was no subject)



    > > And to head off the next question, if the advocates of X-com.bar.foo
    > > authentication want to get out from under the requirement in the
    > > previous paragraph, they make the effort to have the IETF standardize
    > > that authentication method.  If that succeeds, and the algorithm is
    > > assigned something other than an X- key, none of this discussion
    > > applies to it at that point.
    > 
    > Wouldn't those advocates also have to also make it a MUST?
    > 
    > Because as long as the algorithm in question isn't a MUST, we have this
    > issue. The case you describe above for an X- method also applies for a
    > device that only ships with Kerberos, SRP, or one of the public key
    > methods; since those methods are optional, we have the exact same
    > interop-by-default issue.
    
    No, because the interop-by-default issue, and all of the text we're
    discussing applies *only* to non-standard extension algorithms.  This
    issue is part of a larger IESG "hot button" on prohibition of mandatory
    vendor-specific extensions, hence getting a vendor-specific extension
    standardized, even if it's a MAY, is enough to get it out from under
    this set of requirements (as there's now a publicly available spec
    on how to implement it).
    
    Thanks,
    --David
    ----------------------------------------------------
    David L. Black, Senior Technologist
    EMC Corporation, 176 South St., Hopkinton, MA  01748
    +1 (508) 293-7953             FAX: +1 (508) 293-7786
    black_david@emc.com        Mobile: +1 (978) 394-7754
    ----------------------------------------------------
    


Home

Last updated: Thu Jan 16 20:19:05 2003
12202 messages in chronological order