RE: iSCSI: New Lucent stmt on SRP

To: dpj@theworld.com
Subject: RE: iSCSI: New Lucent stmt on SRP
From: Black_David@emc.com
Date: Mon, 1 Apr 2002 10:43:34 -0500
Cc: ips@ece.cmu.edu
Content-Type: text/plain;charset="iso-8859-1"
Sender: owner-ips@ece.cmu.edu

David,

> At 01:58 PM 3/29/02 -0500, Black_David@emc.com wrote:
> >Not completely, but it helps. ...
> 
> David, can you elaborate on how it helps, what is missing, etc.?

This would be simpler if both Lucent and Phoenix had Stanford-
like licenses (no money changes hands) covering the patents in question.
That does not appear to be possible for reasons that are probably not
productive to discuss here, but it does create the next item, which
is the task now facing the WG ...

> >... The IESG is now requesting
> >that the WG consider use of a version of CHAP strengthened
> >by an anonymous Diffie-Hellman key exchange as an alternative
> >to SRP. ...
> 
> I'm not sure what "alternative" means in this context.  An alternative
> "option" in addition to something like SRP would achieve the
> goal of guaranteed free interoperability.  Or has the IESG suggested
> "replacement", which is something else entirely?

Read "alternative" as "alternative candidate for the 'MUST implement'
authentication mechanism".  Even before Lucent's new letter, there
were no problems with SRP as a 'MAY implement' mechanism.  I apologize
for not stating this clearly.

> >Ted Ts'o has done us the favor of posting many of the issues
> >that the IESG expects the WG to consider in his post from
> >this past Wednesday:
> >http://www.pdl.cmu.edu/mailinglists/ips/mail/msg09358.html
> 
> Have these IESG requests to the WG and expectations of the WG
> been formally posted directly to the list?  It would be nice to
> know what the other issues are too, that weren't included in
> Ted's post.

I don't believe there are any other issues, and my post to the
list is my understanding of the concerns - this falls into the
general area of "informal guidance from the ADs".  If something
formal is desired, it will take much longer.  Ted's post just
happens to cover the issues that the ADs care about; a solid
response to the issues he's raised should be sufficient on
technical grounds.

> >I would hope that a strawman design for this mechanism
> >could be posted in the next week, and apologize for the
> >delay ... I'm afraid that all attempts to clone me have
> >failed, and I need to ensure that some real cryptographers
> >check the resulting design before it is posted  ;-).
> 
> As legitimate review is an open process, I assume your wink
> means that the secret initial checking by "real cryptographers"
> is just a necessary first step.  Ted's post has stimulated an
> initial thread of security discussion, which can continue
> after the design is posted.

That's correct.  I want to make sure the proposal is cryptographically
sound before asking the WG to spend time analyzing other aspects.

Thanks,
--David
---------------------------------------------------
David L. Black, Senior Technologist
EMC Corporation, 42 South St., Hopkinton, MA  01748
+1 (508) 249-6449 *NEW*      FAX: +1 (508) 497-8500
black_david@emc.com         Cell: +1 (978) 394-7754
---------------------------------------------------

Prev by Date: RE: iSCSI: New Lucent stmt on SRP
Next by Date: RE: iscsi: CRN support not required. [was :Re: [Fwd: iSCSI: items discussed at WG meeting]]
Prev by thread: Re: iSCSI: New Lucent stmt on SRP
Next by thread: RE: iSCSI: New Lucent stmt on SRP
Index(es):
- Date
- Thread

Home

Last updated: Mon Apr 01 14:18:17 2002
9415 messages in chronological order