> Summary of the concerns and proposed solutions for the PSARC 2007/414:
>
> Concern: Does clear text CHAP secret provides enough security?
I'm going to leave this one for now to get a feeling of others.
> Concern: The iSCSI target manifest does not comply with SMF authorization.
> Proposal:
> -We will add action_authorization and value_authorization to the
> manifest to make
> it SMF authorization compliant.
Good. Is there an updated spec showing this? Some how, I've
missed the FMRI and man pages documenting it. Shouldn't this
turn iscsitadm into being completely authorization driven? ;-)
It would be nice to see the updated man page.
> Issues:
> -The CHAP secret will be put back after PSARC 2007/177 is putback.
> The PSARC 2007/414 will
> cover the putback of the CHAP secret at a later time, and no
> additional case is needed.
I'm not sure how to read this. Is this accepting a case dependency
on 2007/177? Or is it saying that a two phase project is being
requested. Phase 1 without CHAP, phase 2 after 177 with CHAP.
Gary..
