Re: [storm] iSCSI: New IPsec security requirements
Mallikarjun Chadalapaka <cbm@chadalapaka.com> Thu, 13 October 2011 22:24 UTC
Return-Path: <cbm@chadalapaka.com>
X-Original-To: storm@ietfa.amsl.com
Delivered-To: storm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A978E21F8BA6 for <storm@ietfa.amsl.com>; Thu, 13 Oct 2011 15:24:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.299
X-Spam-Level:
X-Spam-Status: No, score=-1.299 tagged_above=-999 required=5 tests=[AWL=1.300, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kF9ml+aP8jWz for <storm@ietfa.amsl.com>; Thu, 13 Oct 2011 15:24:10 -0700 (PDT)
Received: from snt0-omc3-s24.snt0.hotmail.com (snt0-omc3-s24.snt0.hotmail.com [65.55.90.163]) by ietfa.amsl.com (Postfix) with ESMTP id 2B91521F8B84 for <storm@ietf.org>; Thu, 13 Oct 2011 15:24:10 -0700 (PDT)
Received: from SNT131-DS14 ([65.55.90.136]) by snt0-omc3-s24.snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675); Thu, 13 Oct 2011 15:24:10 -0700
X-Originating-IP: [131.107.0.94]
X-Originating-Email: [cbm@chadalapaka.com]
Message-ID: <SNT131-ds14008F7A7CF11722D87D01A0E00@phx.gbl>
From: Mallikarjun Chadalapaka <cbm@chadalapaka.com>
To: david.black@emc.com, storm@ietf.org
References: <7C4DFCE962635144B8FAE8CA11D0BF1E058CFE6297@MX14A.corp.emc.com>
In-Reply-To: <7C4DFCE962635144B8FAE8CA11D0BF1E058CFE6297@MX14A.corp.emc.com>
Date: Thu, 13 Oct 2011 15:24:08 -0700
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQC5sW98KcfVaqXyRDrPoV0OUVJRPZegiZjg
Content-Language: en-us
X-OriginalArrivalTime: 13 Oct 2011 22:24:10.0377 (UTC) FILETIME=[D44E6790:01CC89F6]
Subject: Re: [storm] iSCSI: New IPsec security requirements
X-BeenThere: storm@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Storage Maintenance WG <storm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/storm>, <mailto:storm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/storm>
List-Post: <mailto:storm@ietf.org>
List-Help: <mailto:storm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/storm>, <mailto:storm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Oct 2011 22:24:10 -0000
Thanks for the follow-up David! That sounds reasonable to me. I will wait for the new text to get it into the draft getting now ready for submission (I have published a draft copy to the mailing list earlier this week). Mallikarjun -----Original Message----- From: storm-bounces@ietf.org [mailto:storm-bounces@ietf.org] On Behalf Of david.black@emc.com Sent: Thursday, October 13, 2011 1:55 PM To: storm@ietf.org Subject: [storm] iSCSI: New IPsec security requirements I've checked with the ipsecme WG and the responsible Security AD. The upshot is that there's still a lot of 2400-series RFC IPsec out there, and hence the appropriate IPsec requirements for iSCSI are: - MUST implement IPsec, 2400-series RFCs (IPsec v2, IKEv1). - SHOULD implement IPsec, 4300-series RFCs (IPsec v3, IKEv2). The MUST is for interoperability and to acknowledge what's out there; the SHOULD is to encourage implementers to move forward. Now I need to go write the actual text to go into the draft, and the main iSCSI draft will have to update RFC 3723 as part of this. Thanks, --David ---------------------------------------------------- David L. Black, Distinguished Engineer EMC Corporation, 176 South St., Hopkinton, MA 01748 +1 (508) 293-7953 FAX: +1 (508) 293-7786 david.black@emc.com Mobile: +1 (978) 394-7754 ---------------------------------------------------- _______________________________________________ storm mailing list storm@ietf.org https://www.ietf.org/mailman/listinfo/storm
- [storm] iSCSI: New IPsec security requirements david.black
- Re: [storm] iSCSI: New IPsec security requirements Mallikarjun Chadalapaka