[openib-general] RE: [dat-discussions] round 2 - proposal for socket based connection model
Sean Hefty
mshefty at ichips.intel.com
Tue Oct 25 10:26:55 PDT 2005
Caitlin Bestler wrote:
> Is that because you do not agree that there is a problem?
> Or is it that you think the gap betweeen this and existing IP
> connection semantics is small enough that it is better to cover
> it with a disclosure than by changing the CM protocol?
I would define the problem as: applications want to connect over IB using IP
addressing. Defining the CM REQ private data solves is only a small part of the
solution (reverse lookup).
> On an IP network the remote IP Address/port was vouched for
> by the remote kernel at the minimum, and MAY have been authenticated
> by each routing element along the way. Private data supplied through
> the existing CM protocol has neither of those safeguards.
I think that security is a separate issue outside of this. I have no idea what
OS is running on a remote system, let alone how it may have verified an address.
That said, the kernel CMA would set this data based on information that it
collects. But only users of the CMA would have this additional protection.
- Sean
More information about the general
mailing list