Re: iSCSI: DH-CHAP resolution

To: "John Hufferd" <hufferd@us.ibm.com>
Subject: Re: iSCSI: DH-CHAP resolution
From: "Julian Satran" <Julian_Satran@il.ibm.com>
Date: Thu, 9 May 2002 01:45:55 +0300
Cc: "Elizabeth G. Rodriguez" <Elizabeth.G.Rodriguez@123mail.net>, ips@ece.cmu.edu, owner-ips@ece.cmu.edu
Content-Type: multipart/alternative; boundary="=_alternative 003DB7E7C2256BB3_="
Sender: owner-ips@ece.cmu.edu

John,

I read it as being about the MAY - unproven means it's time has not come yet.

I hope we can close sometime next week. I plan to start the "countdown" to 13 during the weekend.

Julo

John Hufferd/San Jose/IBM@IBMUS
Sent by: owner-ips@ece.cmu.edu

05/07/2002 08:58 PM
Please respond to John Hufferd

To: "Elizabeth G. Rodriguez" <Elizabeth.G.Rodriguez@123mail.net>
cc: <ips@ece.cmu.edu>
Subject: Re: iSCSI: DH-CHAP resolution

Does this mean that DH-CHAP, is not to be even a MAY implement? Or was
your statement only about it being a MUST?

.
.
.
John L. Hufferd
Senior Technical Staff Member (STSM)
IBM/SSG San Jose Ca
Main Office (408) 256-0403, Tie: 276-0403, eFax: (408) 904-4688
Home Office (408) 997-6136, Cell: (408) 499-9702
Internet address: hufferd@us.ibm.com

"Elizabeth G. Rodriguez" <Elizabeth.G.Rodriguez@123mail.net>@ece.cmu.edu on
05/07/2002 11:30:28 AM

Sent by: owner-ips@ece.cmu.edu

To: <ips@ece.cmu.edu>
cc:
Subject: iSCSI: DH-CHAP resolution

All,

As mentioned previously, the consensus call for DH-CHAP was very close. As
a result, Allision Mankin requested security expertise be consulted further
prior to declaring consensus on the issue.

The result is that security experts believe that DH-CHAP, while from the
reading, DH-CHAP seems to be a worthy solutionbut, as many have stated both
to me and the ADs privately as well as on the mailing list,

it is unproven. As such, the decision has been made to NOT include DH-CHAP
as an authentication mechanism for iSCSI.

Now, the next question will be how will this effect the mandatory to
implement authentication mechanism decision. The Transport ADs still have
significant concerns about IPR issues as they relate to SRP as the
mandatory to implement mechanism. They also feel that (as has been
expressed on the mailing list) we do not have concrete requirements listed
for the authentication mechanism. As such, Allison is in the process of
calling a meeting between the Security and Transport ADs. This will likely
occur some time late this week.

I realize that everyone is anxious to close on this issue. I assure you it
is being worked, and that the delay is related to making sure that iSCSI
has the best chance of success, both in the IETF review process as well as
the corporate environment.

Thanks,

Elizabeth Rodriguez

IPS co-chair

Prev by Date: RE: iSCSI: ImmediateData negotiation
Next by Date: Re: iSCSI 4.1 & 4.2
Prev by thread: RE: iSCSI: DH-CHAP resolution
Next by thread: iSCSI: ImmediateData negotiation
Index(es):
- Date
- Thread

Home

Last updated: Wed May 08 19:18:33 2002
10015 messages in chronological order