iSCSI Auth MIB - resolution and next steps

To: ips@ece.cmu.edu
Subject: iSCSI Auth MIB - resolution and next steps
From: Black_David@emc.com
Date: Tue, 1 Jul 2003 11:13:38 -0400
Content-Type: text/plain;charset="iso-8859-1"
Delivered-To: ips@ece.cmu.edu
Sender: owner-ips@ece.cmu.edu

About a week ago I sent out email that said:

  AD and Expert Review of the User Identity Authentication MIB
  for iSCSI, draft-ietf-ips-auth-mib-04.txt, has turned up
  some serious security issues with the following two MIB objects:

 	- ipsAuthCredChapPassword
 	- ipsAuthCredSrpPassword

Since then, it has also become clear that there are design
problems with both objects.  The first one is mis-named and
lacks a description of the required strength of the CHAP
secret.  The second one has a more serious problem - it is
not consistent with the SRP architectural structure in RFC
2945, as the MIB objects should be the verifier and salt
to avoid having to send the password "in the clear" (with
respect to the MIB).

On the list, I have seen a note that a normative reference
to about-to-be-approved (and hence not widely deployed)
SNMP functionality could provide adequate security for these
objects, but no indications (strong or otherwise) that this
functionality (set CHAP secrets, SRP verifiers and salts)
is important to have in this MIB.  I therefore believe that
the rough consensus of the IPS WG is that the above two
objects are not essential to the functionality of this MIB.

The best course of action at this juncture is to delete the
above two objects from the MIB - the MIB authors are
hereby instructed to prepare a revised version of the MIB
that deletes the objects, removes the word "Authentication"
from the title of the Internet-Draft, and revises the
descriptive text to indicate that this MIB manages the
user identity aspects of authorization and/or access
control - authentication management (e.g., set and/or
change authentication secrets) is done via other means.

If at some point, authentication secret management
functionality becomes important, the MIB can be revised
and extended.

Thanks,
--David

----------------------------------------------------
David L. Black, Senior Technologist
EMC Corporation, 176 South St., Hopkinton, MA  01748
+1 (508) 293-7953             FAX: +1 (508) 293-7786
black_david@emc.com        Mobile: +1 (978) 394-7754
----------------------------------------------------

Prev by Date: iSCSI boot draft - informal WG Last Call
Next by Date: iSCSI: MaxRecvDataSegmentLength changing in FFP
Prev by thread: iSCSI boot draft - informal WG Last Call
Next by thread: iSCSI: MaxRecvDataSegmentLength changing in FFP
Index(es):
- Date
- Thread

Home

Last updated: Thu Jul 10 08:19:38 2003
12686 messages in chronological order