RE: iSCSI Security rough consensus

[Joshua Tseng <jtseng@NishanSystems.com>]

See below:
> 
> By comparison to full IPSec with IKE, using
> SRP to key ESP does not improve security.
> The underlying issue is IKE complexity (i.e.,
> the code and effort required to implement it).
> 
> Hence the rationale for using SRP to key
> ESP is that it provides dynamic key
> generation without implementing IKE -- this
> is an improvement over pre-shared keys at
> a much lower code and effort cost for a
> single-box (i.e., no external security gateway)
> implementation.

What I think I'm hearing you say is that you
are evaluating whether to REQUIRE SRP keying of
ESP/IPSec because its easier to do than IKE.
If so, then in the first place, I don't think that
is an appropriate justification for a requirement.
In the second place, I'm not sure I even agree with
that statement--there are many off-the-shelf IKE
implementations which can be easily leveraged for
iSCSI with little or no modification.  IKE doesn't
need to be conscious of the application (i.e., iSCSI)
being protected by IPSec.

I also agree with Bernard that this issue is not
specific to iSCSI, and belongs in the security WG.

Josh
> 
> Thanks,
> --David
> 
> ---------------------------------------------------
> David L. Black, Senior Technologist
> EMC Corporation, 42 South St., Hopkinton, MA  01748
> +1 (508) 435-1000 x75140     FAX: +1 (508) 497-8500
> black_david@emc.com       Mobile: +1 (978) 394-7754
> ---------------------------------------------------
>