RE: iSCSI Security rough consensus

To: Joshua Tseng <jtseng@NishanSystems.com>
Subject: RE: iSCSI Security rough consensus
From: biran@il.ibm.com
Date: Tue, 15 May 2001 23:48:46 +0300
cc: ips@ece.cmu.edu
Content-Disposition: inline
Content-type: text/plain; charset=us-ascii
Sender: owner-ips@ece.cmu.edu



Josh,

> I think if SRP were not used to key IPSec, then IKE
> would be needed.  On the other hand, if IKE were available,
> why would we need SRP to key IPSec?

Both SRP and SRP_WITH_ESP_KEYING will be defined among the
AuthMethods that can be negotiated in the Login, for now only
SRP mandatory to implement. If one has ESP with IKE (or pre-keying)
he can configure the negotiation not to offer/choose
SRP_WITH_ESP_KEYING.  However, this option might be very
convenient for non-IKE implementations.

   Regards,
     Ofer


Ofer Biran
Storage and Systems Technology
IBM Research Lab in Haifa
biran@il.ibm.com  972-4-8296253


Joshua Tseng <jtseng@NishanSystems.com> on 05/15/2001 09:34:43 PM

Please respond to Joshua Tseng <jtseng@NishanSystems.com>

To:   "'Black_David@emc.com'" <Black_David@emc.com>, aboba@internaut.com,
      tytso@mit.edu
cc:   ips@ece.cmu.edu
Subject:  RE: iSCSI Security rough consensus

Prev by Date: Re: iSCSI: Aggregation tags in SendTargets
Next by Date: RE: iSCSI: Canonical Targets
Prev by thread: RE: iSCSI Security rough consensus
Next by thread: RE: iSCSI Security rough consensus
Index(es):
- Date
- Thread

Home

Last updated: Tue Sep 04 01:04:42 2001
6315 messages in chronological order