The process of finalizing the iSCSI storage standard ran into a few obstacles last week. The ratification was voted down by The Internet Engineering Steering Group's IP Storage Working Group because of minor concerns about the iSCSI standard that are simple to fix, according to a report in "eWeek."
The major concern of The Internet Engineering Steering Group's IP Storage Working Group was problem that "Bootstrapping Clients Using the iSCSI Protocol," a document that details the iSCSI standard, identified. The group rejected the document by a vote of nine to two. AT&T security expert Steve Bellovin, a member of the group, abstained from voting. The document details security in iSCSI's boot-up procedures, which include DHCP authentication, SLPv2, and IP Security (IPSec). The group working on the standard believes that most IP storage systems will be connected to Windows servers, and the group raises the concern that Windows' Preboot Execution Environment (PXE) is inherently insecure. According to an anonymous note from one voter, PXE security is rarely enabled in practice, which can allow a rogue PXE server to reformat a network's storage systems' drives.
The document's rejection is not expected to affect the overall iSCSI standard approval. The group hopes to resolve concerns about the document by the end of the month. The iSCSI standard is expected to become an official proposed standard this week.