iSCSI names on login - consensus call

To: ssenum@cisco.com, ips@ece.cmu.edu
Subject: iSCSI names on login - consensus call
From: Black_David@emc.com
Date: Thu, 30 Aug 2001 23:02:00 -0400
Content-Type: text/plain;charset="iso-8859-1"
Sender: owner-ips@ece.cmu.edu

Yesterday, Steve Senum suggested:

> 2. Requiring Initiator and (if not a discovery session)
>    Target names on login command, so they are always
>    available if needed by the initial phase.

This definitely simplifies login, as the target no longer
has to check for the absence of the names and ask for them
if they are necessary.  Given the selection of IKE for
keying, the security concerns about always sending
the names are no longer valid - if the names need to
be hidden, an encrypted IPsec SA should be set
up by IKE (and Main Mode should be used if the IKE
identities also need to be hidden).

Based on discussion since Steve's post, I believe the
rough consensus of the IPS WG is to require the names on
the login command.  Julian Satran's disagreement with this
is noted - anyone else who objects should post to the
list and include a cogent technical rationale for the
objection.

Thanks,
--David

---------------------------------------------------
David L. Black, Senior Technologist
EMC Corporation, 42 South St., Hopkinton, MA  01748
+1 (508) 435-1000 x75140     FAX: +1 (508) 497-8500
black_david@emc.com       Mobile: +1 (978) 394-7754
---------------------------------------------------

Prev by Date: IKE and iSCSI Authentication
Next by Date: iSCSI: Proxies - Consensus Call
Prev by thread: RE: IKE and iSCSI Authentication
Next by thread: Re: iSCSI names on login - consensus call
Index(es):
- Date
- Thread

Home

Last updated: Tue Sep 04 01:03:49 2001
6315 messages in chronological order